C# - How do I programmatically find whether the intermediate certificate was served by the web server?
My C# code uses HttpWebRequest to send requests to a web service via HTTP on SSL (https:// prefixed URLs). The service has its coolservice.example.com certificate signed by a certificate authority intermediate certificate, which is in turn signed by a trusted root certificate authority certificate. The latter must be in the caller's certificate store and marked as "trusted root", otherwise the SSL trust chain thing makes no sense. The intermediate certificate may come from either of different sources:
- the web server may serve it with its own certificate (as in "here's my certificate, and btw it is signed by this certificate, which is signed by one you trust, please check the signatures along the trust chain")
- the caller may automagically retrieve the intermediate certificate from the certificate authority (AIA protocol or something) - I know because I've been interfacing with a web service that didn't have the intermediate certificate installed and "it worked"
- the caller may have the intermediate certificate installed in its store
I need to check that the web server serves (not has in its trust store, but serves with its certificate) the intermediate while the SSL handshake is in progress. This test site shows "sent by server" next to the intermediate. I guess such a check is possible.
How do I craft such a check with C# and .NET Framework?
So far I've come across HttpWebRequest.ServerCertificateValidationCallback, which accepts the web service certificate (X509Certificate object) and the trust chain (X509Chain object). The trust chain lists the certificates in the chain, but I cannot see anything detailing where each certificate was obtained.
How do I programmatically find whether the intermediate certificate was served by the web server or obtained elsewhere?
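One way to approach the check asked about above, as an added example that is not part of the original post: inside the validation callback, compare the intermediates in the built chain against the certificates held in chain.ChainPolicy.ExtraStore. It assumes the runtime places the certificates received in the handshake into ExtraStore before calling the callback, which should be confirmed on the target framework version; the class and method names are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

static class ServedChainCheck // hypothetical helper, not from the post
{
    // Returns the intermediates in the built chain that the server did NOT send.
    // ASSUMPTION: the runtime copies the certificates received in the TLS
    // handshake into chain.ChainPolicy.ExtraStore before invoking the callback.
    public static List<X509Certificate2> IntermediatesNotServed(X509Chain chain)
    {
        var sent = new HashSet<string>(
            chain.ChainPolicy.ExtraStore.Cast<X509Certificate2>().Select(c => c.Thumbprint),
            StringComparer.OrdinalIgnoreCase);
        var missing = new List<X509Certificate2>();
        // Element 0 is the leaf; later elements run towards the root.
        for (int i = 1; i < chain.ChainElements.Count; i++)
        {
            X509Certificate2 ca = chain.ChainElements[i].Certificate;
            // Self-issued means root, which servers normally do not send. Names are
            // compared (not position) because a partial chain can end at an intermediate.
            if (ca.SubjectName.RawData.SequenceEqual(ca.IssuerName.RawData)) continue;
            if (!sent.Contains(ca.Thumbprint)) missing.Add(ca);
        }
        return missing;
    }

    // Call before GetResponse() on the request to the service.
    public static void Attach(HttpWebRequest request)
    {
        request.ServerCertificateValidationCallback = (sender, cert, chain, errors) =>
        {
            if (chain == null) return false;
            foreach (X509Certificate2 ca in IntermediatesNotServed(chain))
                Console.Error.WriteLine("Intermediate not sent by server: " + ca.Subject);
            // Keep the platform's verdict; this check only reports on chain delivery.
            return errors == SslPolicyErrors.None;
        };
    }
}
```

An intermediate reported here was found through AIA retrieval or the local store rather than the handshake, so other clients without those sources may fail to build the chain.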