
How to verify a certificate chain using a CA certificate C#

I am trying to connect to a Mosquitto broker. The broker will have a ca.crt and a server.crt. My app will only have the ca.crt.

Upon connection the broker provides both ca.crt and server.crt (certificate chain). How can I validate both against the ca.crt which I already have? ca.crt and the one present on the client are the same.

Use the X509Chain class and put the ca.crt, loaded as X509Certificate2, onto the ExtraStore property of the ChainPolicy property.

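using System.Security.Cryptography.X509Certificates;

// Load the CA certificate shipped with the client and the certificate presented by the broker.
var caCert = new X509Certificate2(".\\ca.crt");
var serverCert = new X509Certificate2(".\\server.crt");

X509Chain ch = new X509Chain();
ch.ChainPolicy.RevocationMode = X509RevocationMode.Online;
// ExtraStore is a read-only collection, so add to it instead of assigning a new one.
ch.ChainPolicy.ExtraStore.Add(caCert);
// Build returns false when validation fails; the reasons are in ch.ChainStatus.
bool chainIsValid = ch.Build(serverCert);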
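An added example, not part of the original answer: ExtraStore only supplies candidate certificates for chain building and does not make ca.crt trusted, so a client that pins a private CA also has to confirm that the chain ends in that exact certificate. The names PinnedCaValidator, IsIssuedByPinnedCa and CreateCallback are hypothetical, and the default of NoCheck for revocation is an assumption for a private CA that publishes no revocation data.

```csharp
using System;
using System.Linq;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

public static class PinnedCaValidator
{
    // The only non-success status tolerated: the private root is absent from the machine trust store.
    private const X509ChainStatusFlags Tolerated =
        X509ChainStatusFlags.NoError | X509ChainStatusFlags.UntrustedRoot;

    public static bool IsIssuedByPinnedCa(X509Certificate2 serverCert, X509Certificate2 pinnedCa,
        X509RevocationMode revocation = X509RevocationMode.NoCheck)
    {
        using (var chain = new X509Chain())
        {
            chain.ChainPolicy.RevocationMode = revocation;
            chain.ChainPolicy.ExtraStore.Add(pinnedCa);
            // Let the build proceed with a root the OS does not know; it is checked explicitly below.
            chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

            if (!chain.Build(serverCert)) return false;

            // Reject expiry, bad signatures, revocation and every other status except UntrustedRoot.
            if (chain.ChainStatus.Any(s => (s.Status & ~Tolerated) != 0)) return false;

            // The last chain element is the root; it must be byte-identical to the pinned ca.crt.
            var root = chain.ChainElements[chain.ChainElements.Count - 1].Certificate;
            return root.RawData.SequenceEqual(pinnedCa.RawData);
        }
    }

    // Adapter for SslStream or a client library that accepts a validation callback.
    public static RemoteCertificateValidationCallback CreateCallback(X509Certificate2 pinnedCa)
    {
        return (sender, cert, chain, errors) =>
            cert != null
            // Pinning the CA does not replace the host name check done by the TLS stack.
            && (errors & SslPolicyErrors.RemoteCertificateNameMismatch) == 0
            && IsIssuedByPinnedCa(new X509Certificate2(cert), pinnedCa);
    }
}
```

On .NET 5 and later, setting ChainPolicy.TrustMode to X509ChainTrustMode.CustomRootTrust and adding the CA to ChainPolicy.CustomTrustStore achieves the same pinning without the manual root comparison.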
