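/// <summary>
/// Copies the fields of the first single response in a basic OCSP response
/// into an <see cref="OcspDto"/>.
/// </summary>
/// <remarks>
/// This method only reads fields. It does not verify the response signature,
/// does not check that the single response refers to the certificate that
/// was asked about, and does not check ThisUpdate/NextUpdate against the
/// current time. In this file the caller (GetStatus) runs
/// CertificateValidationService.ValidateOcspResponse separately, so a
/// <c>Good</c> status returned here must not be trusted on its own.
/// </remarks>
/// <param name="brep">The decoded basic OCSP response.</param>
/// <returns>
/// A DTO holding the producedAt/thisUpdate/nextUpdate times and the mapped
/// certificate status. The status is <c>Unknown</c> when the response
/// carries no single response at all.
/// </returns>
public OcspDto ParseOcspResponse(BasicOcspResp brep)
{
    // Start from Unknown so that every early exit fails closed.
    OcspDto status = new OcspDto()
    {
        ProducedAt = brep.ProducedAt,
        Status = OcspCertificateStatus.Unknown
    };

    // A responder-controlled message may contain zero single responses;
    // indexing [0] unconditionally would throw on such input.
    var responses = brep.Responses;
    if (responses == null || responses.Length == 0)
    {
        return status;
    }

    // NOTE(review): only the first entry is inspected; confirm that the
    // validation step checks it matches the requested certificate.
    SingleResp singleResp = responses[0];
    status.ThisUpdate = singleResp.ThisUpdate;

    // nextUpdate is an optional field of an OCSP single response. When the
    // responder omits it, the DTO keeps its default value instead of this
    // method throwing while dereferencing a missing value.
    if (singleResp.NextUpdate != null)
    {
        status.NextUpdate = singleResp.NextUpdate.Value;
    }

    Object certStatus = singleResp.GetCertStatus();

    if (certStatus == CertificateStatus.Good)
    {
        status.Status = OcspCertificateStatus.Good;
    }
    else if (certStatus is RevokedStatus revokedStatus)
    {
        status.Status = OcspCertificateStatus.Revoked;
        status.RevocationTime = revokedStatus.RevocationTime;

        // -1 is the sentinel this code uses for "no reason supplied".
        // Asking first avoids using an exception as control flow.
        status.RevocationReason = revokedStatus.HasRevocationReason
            ? revokedStatus.RevocationReason
            : -1;
    }

    // Anything that is neither good nor revoked stays Unknown.
    return status;
}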
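/// <summary>
/// Loads the certificate chain presented by <paramref name="hostname"/>:
/// <paramref name="port"/>, queries OCSP for the first certificate and
/// returns the revocation status together with basic certificate details.
/// </summary>
/// <remarks>
/// <c>Status</c> and <c>Errors</c> are filled independently: the status comes
/// from parsing the response, the errors from
/// CertificateValidationService.ValidateOcspResponse. Nothing here downgrades
/// the status when validation reports errors, so callers must inspect
/// <c>Errors</c> before acting on a <c>Good</c> status.
/// </remarks>
/// <param name="hostname">Host to connect to.</param>
/// <param name="port">TCP port to connect to.</param>
/// <returns>
/// The populated DTO. The status is <c>Unknown</c> when the certificates
/// cannot be loaded, when no issuer certificate is available to build the
/// request, or when no OCSP response was obtained.
/// </returns>
public OcspDto GetStatus(string hostname, int port)
{
    X509Certificate certificate;
    List<X509Certificate> chain;

    try
    {
        (certificate, chain) = ConnectionService.LoadCertificates(hostname, port);
    }
    catch
    {
        // Deliberate best effort: any failure to obtain the certificates is
        // reported as Unknown rather than propagated to the caller.
        return new OcspDto() { Status = OcspCertificateStatus.Unknown };
    }

    if (certificate == null)
    {
        return new OcspDto() { Status = OcspCertificateStatus.Unknown };
    }

    // Fail closed: the status stays Unknown unless a response is parsed.
    OcspDto status = new OcspDto() { Status = OcspCertificateStatus.Unknown };

    // An OCSP request needs the issuer certificate. A server that presents
    // only its leaf (or a self-signed certificate) yields a chain with fewer
    // than two entries, and indexing chain[1] would then throw.
    // NOTE(review): presumably the chain is ordered leaf-first, making
    // chain[1] the issuer; confirm against ConnectionService.LoadCertificates.
    if (chain != null && chain.Count > 1)
    {
        X509Certificate issuer = chain[1];

        var req = OcspService.CreateOcspReq(certificate, issuer);
        var resp = OcspService.GetOcspStatus(req);

        if (resp != null)
        {
            status = OcspService.ParseOcspResponse(resp);
            status.Errors = CertificateValidationService.ValidateOcspResponse(certificate, issuer, resp);
        }
    }

    var x509Certificate = DotNetUtilities.ToX509Certificate(certificate);

    status.Hostname = hostname;
    status.Certificate = new CertificateDto()
    {
        Subject = x509Certificate.Subject,
        Issuer = x509Certificate.Issuer,
        SerialNumber = x509Certificate.GetSerialNumberString(),
        ExpirationDate = x509Certificate.GetExpirationDateString()
    };

    return status;
}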