Can I ensure, using C#, that an X509Certificate was issued by a trusted authority?

Posted by dommer on Stack Overflow
Published on 2010-05-18T11:03:41Z Indexed on 2010/05/18 12:10 UTC

If I use X509Certificate.CreateFromSignedFile to get the certificate used to sign a file, can I confirm that it was signed by a trusted authority - and isn't just a "self-signed" cert of some kind?

I want to extract the "Subject" (company) name from the cert to ensure that an unmanaged DLL I'm using is unmolested (I can't checksum it as it's updated frequently and independently) and official.

However, I'm concerned that a fake DLL could be signed with a "self-signed" cert and return the original company's name. So, I want to ensure the cert was issued by VeriSign, Thawte or similar (anything installed on the cert repository on the machine will be fine).

How can I do this, if at all, when using X509Certificate.CreateFromSignedFile? Or does it do this automatically (i.e. a "self-signed" cert will fail)?

© Stack Overflow or respective owner
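
An added example, not part of the original post: one way to check that the signer certificate returned by `X509Certificate.CreateFromSignedFile` chains to a root in the Windows trusted root store, using `X509Chain`. The class and method names are hypothetical, and it assumes Windows with .NET Framework 4.6 or later (where `X509Chain` is disposable).

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class SignerTrustCheck // hypothetical helper, not from the original post
{
    // True only if the signer certificate embedded in filePath builds a chain
    // to a root the machine already trusts. A self-signed certificate that is
    // not in the trusted root store fails with UntrustedRoot.
    public static bool SignerChainsToTrustedRoot(string filePath, out string subject)
    {
        subject = null;
        X509Certificate2 signer;
        try
        {
            // Only extracts the signer certificate; makes no trust decision.
            signer = new X509Certificate2(X509Certificate.CreateFromSignedFile(filePath));
        }
        catch (CryptographicException)
        {
            return false; // file is unsigned or the signature block is unreadable
        }

        using (var chain = new X509Chain())
        {
            chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
            chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
            chain.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag;
            // Require the code-signing EKU (1.3.6.1.5.5.7.3.3).
            chain.ChainPolicy.ApplicationPolicy.Add(new Oid("1.3.6.1.5.5.7.3.3"));

            if (!chain.Build(signer))
            {
                // Report why the chain was rejected (UntrustedRoot, Revoked, ...).
                foreach (X509ChainStatus s in chain.ChainStatus)
                    Console.Error.WriteLine("{0}: {1}", s.Status, s.StatusInformation.Trim());
                return false;
            }
            // Read the subject only after the chain has been accepted.
            subject = signer.GetNameInfo(X509NameType.SimpleName, false);
            return true;
        }
    }

    static int Main(string[] args)
    {
        if (args.Length != 1) { Console.Error.WriteLine("usage: check <signed-file>"); return 2; }
        string subject;
        bool ok = SignerChainsToTrustedRoot(args[0], out subject);
        Console.WriteLine(ok ? "Trusted signer: " + subject : "Signer not trusted");
        return ok ? 0 : 1;
    }
}
```

This validates the certificate chain only: `CreateFromSignedFile` does not verify that the signature actually matches the file's current contents, so a complete check also needs Authenticode validation of the file itself (for example via the Win32 `WinVerifyTrust` API).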