How server can validate client certificate in C#

Question

I know server certificate can be verified by client using.

HttpWebRequest request = WebRequest.CreateHttp( url );
request.ServerCertificateValidationCallback += ValidateServerCertificate;

but if I need to validate the client certificate on server that it is issued by a proper CA, it is not expired and the certificate is not revoked, then how I will verify as two way SSL requires both client and server certificates to be verified.

score 0 · Answer 1 · answered Nov 19 '20 at 09:40

0

You can add a service certificate node in the server configuration file to configure client certificate information. Then customize a class that inherits X509CertificateValidator on the server side, and override the verification method in this class to verify the client's certificate. For specific operations, you can refer to:X.509 Certificate Validator.

answered Nov 19 '20 at 09:40

Theobald Du

824
4
7

I want to check whether the certificate is issued by a proper Root CA, it is not expired and the certificate is not revoked. – Aishwary Rastogi Nov 20 '20 at 03:45
How can I check all these with X.509 Certificate Validator. – Aishwary Rastogi Nov 20 '20 at 03:45

How server can validate client certificate in C#

1 Answers1