x509certificate2

We're developing a microservices app on Kubernetes. One of the microservices is IdentityServer instance. Initially, I want to test the solution locally on Docker to make sure it works. For this purpose, I want to copy the certificate to appsettings.json. Eventually this value will be replaced by a Kubernetes secret. In my startup class this is how I'm trying to load my certificate: services.AddIdentityServer() .AddSigningCredential(GetIdentityServerCertificate()) .AddConfigurationStore(... private X509Certificate2 GetIdentityServerCertificate() { var clientSecret = Configuration["Certificate"]

How can I programmatically get when X509Certificate is revoked? I can get information if certificate is revoked, but i need to get when is revoked, i think that CRL list have that info, but can someone tell me how to read that. Revocation status is checked by (a) obtaining CRL lists and checking if the certificate is listed there, and (b) sending an OCSP request to the server to check the same. .NET doesn't let you do this. CryptoAPI might have some means for these operations, but the easiest is to use third-party library for .NET. BouncyCastle claims to have some support for OCSP and CRLs,

I have a certificate installed under Personal as well as Trusted Root Certification Authorities Have tried using this bit of code to post to an endpoint: public void Post() { try { var clientCert = LoadFromStore("MyThumbprint"); var requestHandler = new WebRequestHandler(); requestHandler.ClientCertificates.Add(clientCert); var client = new HttpClient(requestHandler) { BaseAddress = new Uri("https://localhost:44430/") }; var response = client.GetAsync("api/test").Result; response.EnsureSuccessStatusCode(); string responseContent = response.Content.ReadAsStringAsync().Result; Console.WriteLine

I have an issue when installing x509 certificate in the system through vb.net. Installation itself is successful, but when I do install it through the code I do get one entry in Certificate Management window as displayed bellow: However when I install it manually using import function in Certificate Management window I do get two entries in the list for this certificate: The problem that I am facing is that when I use this certificate to perform certain tasks (passing some info to the third party service) it only works when it is manually imported (there are two entries in the certificate list

Firstly, Thanks to all those patient techies trying to help unknown people. Secondly, I have a wcf service which should be consumed by only several clients (10) known to our company. This wcf service has the x509certificate "CN=ABCD". Now it expects to receive a certificate in turn from clients to consume this service. So here are the design questions Should I create one certificate "CN=ABCD" , then right click on it and export as pfx files and distribute them to Clients? Some say to validate in code and some say to validate in config which is better? How should I know which client is calling