问题
I have to write a tool which validates if a X509 certificate is valid or not (input = cert path / subject and password). How can I do that? I don't know much about certs...
回答1:
Take a look at X509Certificate2.Verify()
回答2:
In general, RFC 3280 includes almost complete instructions regarding how to perform validation, however those instructions are very non-trivial. Additionally you would need to read RFC 2560 (OCSP) and implement OCSP client.
For most tasks you will find our TElX509CertificateValidator component perfectly suitable. It checks certificate paths, CRL and OCSP revocation (and checks validity of CRLs and OCSP responses as well). It is flexible and powerful enough and lets you perform additional, deeper checks on each step. Also this component can work with both Windows certificate storages and any other certificates, certificate chains and storages that you might have in files or in memory.
来源:https://stackoverflow.com/questions/3613615/how-to-validate-x509-certificate