堆栈内存溢出
  简体   繁体   English

使用自定义CA公钥文件验证证书?

[英]Validating Certificate with custom CA public key file?

 原文  2011-04-04 05:32:54       c#/ .net/ https/ certificate/ webclient

问题描述

for a research project within my company I want to validate a HTTPS WebClient connection with a custom CA certificate, without permanently adding it to the systems CA list, or disabling validation altogether via the often seen examples for ServerCertificateValidationCallback {return true;} 对于我公司内的研究项目,我想验证带有自定义CA证书的HTTPS WebClient连接,而不是将其永久添加到系统CA列表,或者通过ServerCertificateValidationCallback经常看到的示例完全禁用验证{return true;}

I have the CA public key in a .pem file and can load that, however even after hours of looking, I cannot find a way to use that for validating the connection with this certificate. 我在.pem文件中有CA公钥并且可以加载它,但是即使经过几个小时的查看,我也找不到使用它来验证与此证书的连接的方法。

Just checking the name of the server with the certificate is a bit lame too..... 只是用证书检查服务器的名称也有点蹩脚.....

I imagined at least one of the following to be possible: 我想象至少有以下一种可能:

a) add the CA public cert to a 'in memory' only CA list b) use the CA public cert directly in a 'validate' call a)将CA公共证书添加到“仅在内存中”的CA列表中b)在“验证”调用中直接使用CA公共证书

So far, no luck. 到目前为止,没有运气。 Additionally, I wouldn't even be able to validate 'by hand' as many of the relevant elements for that are simply not being exported by the X509Certificate(2) classes. 此外,我甚至无法“手动”验证,因为许多相关元素根本没有被X509Certificate(2)类导出。

Am I missing something? 我错过了什么吗?

1 个解决方案

解决方案1
 2  2011-04-04 05:45:16

If you don't mind third-party options, PKIBlackbox package of our SecureBlackbox lets you perform flexible validation of certificate chains (including CRL and OCSP checking) and can work with certificates in files as well as Windows certificate storages and HSM certificate storages. 如果您不介意第三方选项,我们的SecureBlackbox的 PKIBlackbox包允许您对证书链(包括CRL和OCSP检查)执行灵活的验证,并且可以使用文件中的证书以及Windows证书存储和HSM证书存储。

SecureBlackbox also includes flexible HTTP/HTTPS client which doesn't depend on other implementations or libraries. SecureBlackbox还包括灵活的HTTP / HTTPS客户端,不依赖于其他实现或库。 SecureBlackbox can be used on .NET, Mono and more. SecureBlackbox可用于.NET,Mono等。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用C#中的公钥验证CA证书 - Verify a CA Certificate with a public key in C# iTextSharp中的Pades LTV验证会引发公钥,而不是根CA证书的证书签名 - Pades LTV verification in iTextSharp throws Public key presented not for certificate signature for root CA certificate 使用X509certificate从XML文件中提取公钥? - Extract public key from an XML file with X509certificate? 从公钥创建证书 - Create certificate from public key 从证书中提取公钥 - Extract public key from certificate 使用公钥证书激活产品 - Product activation with public key certificate 当我有可用的公钥、私钥和 ca 文件时,如何从 HTTPS 自签名网页检索 (GET) 数据? - How to retrieve (GET) data from a HTTPS self-signed webPage when I have public key, private key and ca file available? 验证 WebAuth 断言的 Elyptical 公钥签名 - Validating Elyptical Public Key signatures for WebAuth Assertions 加密X509证书公钥 - Encrypting the X509Certificate public Key 获取网站的SSL证书的公钥 - Get the public key of a website's SSL certificate
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM