/// <summary>
/// Runs chain-trust validation on <paramref name="cert"/> and records any
/// failure on <paramref name="cacUser"/> instead of throwing.
/// </summary>
/// <remarks>
/// A failed validation is reported only through <c>cacUser.ChainError</c>;
/// the property is left untouched when validation succeeds. Callers must
/// check it before treating the certificate identity as trusted.
/// </remarks>
/// <param name="cert">Client certificate whose chain is checked.</param>
/// <param name="cacUser">Receives the exception message when validation throws.</param>
void ValidateChain(X509Certificate2 cert, CacUser cacUser)
{
    // Original author's note: **ALL** validation flags turned on.
    // NOTE(review): confirm the revocation mode in effect for this deployment.
    X509CertificateValidator chainValidator = X509CertificateValidator.ChainTrust;

    try
    {
        chainValidator.Validate(cert);
    }
    catch (Exception failure)
    {
        // Deliberately broad: every exception type, not only a chain failure,
        // ends up as the ChainError text rather than propagating.
        cacUser.ChainError = failure.Message;
    }
}
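/// <summary>
/// Get a CacUser populated from the client certificate of the request.
/// </summary>
/// <remarks>
/// Example usage:
/// https://github.com/kuujinbo/Mvc.NET/blob/master/src/kuujinbo.Mvc.NET.Examples/Controllers/CacUserController.cs
/// <para>
/// Chain validation is opt-in. With the default <c>validateChain = false</c>
/// the subject, issuer and e-mail are copied from the certificate without any
/// chain-trust check in this method, so the caller depends on whatever
/// validation happened before the request reached this code.
/// </para>
/// <para>
/// With <c>validateChain = true</c> a failed validation does not throw and
/// does not prevent the CacUser from being returned; the failure is reported
/// only through <c>ChainError</c>, which the caller must inspect before
/// making an authentication or authorization decision.
/// </para>
/// </remarks>
/// <param name="request">Request passed to <c>GetCertificate</c> to obtain the client certificate.</param>
/// <param name="validateChain">When true, runs <c>ValidateChain</c> on the certificate.</param>
/// <returns>The CacUser created from the certificate's simple subject name.</returns>
public virtual CacUser GetCacUser(HttpRequestBase request, bool validateChain = false)
{
    var cert = new X509Certificate2(GetCertificate(request));

    // forIssuer: false => names are read from the subject, not the issuer.
    var subjectName = cert.GetNameInfo(X509NameType.SimpleName, false);
    var emailName = cert.GetNameInfo(X509NameType.EmailName, false);

    var cacUser = CacUser.Create(subjectName);
    cacUser.Subject = subjectName;
    cacUser.Issuer = cert.Issuer;

    // Invariant lower-casing: the e-mail is an identifier, so its normalized
    // form must not vary with the thread culture (ToLower() maps 'I' to a
    // dotless 'ı' under Turkish cultures, which would break later matching).
    cacUser.Email = emailName.ToLowerInvariant();

    if (validateChain)
    {
        ValidateChain(cert, cacUser);
    }

    return cacUser;
}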