我有这段代码:
X509Chain x509Chain = new X509Chain();
x509Chain.ChainPolicy.ExtraStore.Add(certificate1);
x509Chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
x509Chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
x509Chain.Build(certificate2);
foreach (X509ChainElement x509ChainElement in x509Chain.ChainElements)
{
Log("Name: " + x509ChainElement.Certificate.GetNameInfo(X509NameType.SimpleName, false));
foreach (X509ChainStatus x509ChainStatus in x509ChainElement.ChainElementStatus)
Log("status: " + x509ChainStatus.StatusInformation);
if (x509ChainElement.ChainElementStatus.Length != 0 && (x509ChainElement.Certificate.Thumbprint != certificate1.Thumbprint))// || x509ChainElement.ChainElementStatus[0].Status != X509ChainStatusFlags.UntrustedRoot))
return false;
}
如果证书是自签名的(或者至少我认为它没有安装),我无法设法安装证书。在状态日志消息中,我得到了:
已处理证书链,但已在根证书中终止 信任提供者不信任
如何忽略该检查?