Esempio n. 1
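        /// <summary>
        /// Sends an OCSP request for <paramref name="certificate"/> to the responder URL
        /// recorded in the certificate and returns the response parser's verdict.
        /// </summary>
        /// <param name="certificate">Certificate whose status is queried; must not be null.</param>
        /// <returns>
        /// Whatever <c>ResponseParser.CertificateIsValid</c> reports for the request id,
        /// the responder's answer and the certificate.
        /// </returns>
        /// <exception cref="System.ArgumentNullException">
        /// <paramref name="certificate"/> is null.
        /// </exception>
        static bool CheckCertificate(IOcesCertificate certificate)
        {
            // Fail with a precise argument error instead of a NullReferenceException
            // on the first property access.
            if (certificate == null)
            {
                throw new System.ArgumentNullException("certificate");
            }

            // The looked-up environment is not used below, but the call is kept so that
            // any exception it raises still surfaces before a request is sent.
            // NOTE(review): presumably this rejects issuing CAs outside the trusted
            // environments - confirm against RootCertificates.GetEnvironment.
            RootCertificates.GetEnvironment(certificate.IssuingCa);

            // NOTE(review): the responder URL is read from the certificate under test, so
            // the certificate decides where the request goes. Confirm that the chain has
            // been verified before this method runs, or that Requester.Send restricts
            // the destinations it will contact.
            string responderUrl = certificate.OcspUrl;

            var requestWithId = RequestGenerator.CreateOcspRequest(certificate);
            OcspResp response = Requester.Send(requestWithId.Request, responderUrl);

            // The request id is handed to the parser together with the response.
            return ResponseParser.CertificateIsValid(requestWithId.Id, response, certificate);
        }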
Esempio n. 2
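        /// <summary>
        /// Probes the OCSP responder at <paramref name="ocspUrl"/> by posting a request for
        /// serial number "1" under the root certificate of the first trusted environment.
        /// </summary>
        /// <param name="ocspUrl">URL of the OCSP responder to probe.</param>
        /// <returns>
        /// <c>false</c> when the development environment is among the trusted environments
        /// (no request is sent); <c>true</c> when the probe request completes without a
        /// <see cref="WebException"/> or an OcspException.
        /// </returns>
        /// <exception cref="InvalidOperationException">No trusted environment is configured.</exception>
        /// <exception cref="ArgumentException">The request failed with a <see cref="WebException"/>.</exception>
        /// <remarks>
        /// An OcspException from the probe is rethrown wrapped in an InternalException.
        /// </remarks>
        static bool IsAlive(string ocspUrl)
        {
            // Read the configuration once and validate it before first use. The original
            // called Contains() on it ahead of the null check, so an unset configuration
            // surfaced as a NullReferenceException instead of the intended error.
            var trustedEnvironments = Environments.TrustedEnvironments;

            if (trustedEnvironments == null || !trustedEnvironments.Any())
            {
                throw new InvalidOperationException("No trusted enviroment has been set");
            }

            if (trustedEnvironments.Contains(OcesEnvironment.OcesIDanidEnvDevelopment))
            {
                // NOTE(review): the message talks about a certificate's revocation state,
                // but this method only reports the responder as not alive. Confirm that
                // callers do not read the false result as "not revoked".
                Logger.Info("OCSP checking is not supported in this environment. Assuming certificate is not revoked");
                return false;
            }

            try
            {
                Logger.Debug("validate certificate serial number 1 for url: " + ocspUrl);

                // Only the first trusted environment's root certificate is used for the probe.
                var probeIssuer = RootCertificates.LookupCertificate(trustedEnvironments.First());

                // Serial number "1" is a fixed probe value. Anything PostOcspRequest returns
                // is not inspected here: completing without an exception counts as alive.
                var probeRequest = RequestGenerator.CreateOcspRequest(probeIssuer, "1");
                PostOcspRequest(probeRequest.Request, probeIssuer, ocspUrl, "1");
                return true;
            }
            catch (WebException e)
            {
                // Every WebException from the probe is reported as a bad URL.
                throw new ArgumentException("Unknown ocsp url", e);
            }
            catch (OcspException e)
            {
                throw new InternalException("Could not ping OCSP responder", e);
            }
        }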