stackoom
  简体   繁体   中英

What is the difference between X509Chain.Build() and X509Certificate2.Verify()?

 原文  2022-12-13 21:23:02       c#/ .net/ code-signing/ x509/ code-signing-certificate

Question

I want to check that some dll's and exe's are authentic prior to loading. It seems as though both of these functions can validate the certificate chain. Do they essentially do the same thing or can someone explain how they differ?

X509Chain.Build() X509Certificate2.Verify()

From what I've tried, they both return a pass or fail depending on whether the cert chain can be authenticated back to the root CA.

1 answers

solution1
 0  2023-01-03 23:17:48

X509Certificate2.Verify() just calls X509Chain.Build() with default options (and then disposes the detailed results to reduce finalization queuing), as can be seen in the source for Verify() .

If you don't need to customize anything on the policy, X509Certificate2.Verify() is fine. If you need/want to customize something then using X509Chain directly is required, and you should skip calling Verify.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question x509Chain.build fails, certutil -verify passes X509Chain.Build() method explanation X509Certificate2.Verify behaviour X509Certificate2.Verify() returns false always X509Certificate2.Verify() behaviour first time usage X509Certificate2.Verify() runs into error but certificate is working X509Chain.Build() succeeding for revoked certificate. C# C# X509Certificate2.Verify without revocation test X509Certificate2.Verify() method always return false for the valid certificate Establishing SSL\TLS connection (X509Chain.Build()) takes too long
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM