/// <summary>
/// Loads a certificate authority from its XML form, issues a leaf certificate from it,
/// and checks that the leaf chains back to that CA.
/// </summary>
/// <param name="xmlstring">Serialized CA, handed unchanged to <c>CertificateAuthority.FromXmlString</c>.</param>
/// <remarks>
/// The chain policy used here is deliberately permissive (unknown root allowed, no revocation
/// checking) because the CA is generated by the test and is not in any trust store. The policy
/// is not a template for validating certificates that come from an untrusted peer.
/// </remarks>
private void TestLoadupCAandMakeCert(string xmlstring)
{
    var timer = Stopwatch.StartNew();
    var authority = CertificateAuthority.FromXmlString(xmlstring);

    // Elapsed time for the CA load is captured but never asserted on or reported.
    var caLoadMillis = timer.ElapsedMilliseconds;

    // NOTE(review): the third argument (0) and the three-minute TimeSpan are presumably a
    // serial/usage value and the validity window; confirm against the Certificate constructor.
    var issuer = new Certificate(authority, "CN=actualcer", 0, TimeSpan.FromMinutes(3));
    var leaf = issuer.Cert;

    Assert.IsNotNull(leaf);
    Assert.IsTrue(leaf.HasPrivateKey);
    timer.Stop();

    // AllowUnknownCertificateAuthority lets Build() succeed even though the root is untrusted,
    // so a true result alone does not show that the chain ends at our CA; the membership and
    // count assertions further down are what pin the chain to the generated CA.
    // With RevocationMode.NoCheck no revocation lookup is made, so RevocationFlag is
    // effectively inert in this policy.
    var policy = new X509ChainPolicy
    {
        VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority,
        RevocationMode = X509RevocationMode.NoCheck,
        RevocationFlag = X509RevocationFlag.EndCertificateOnly
    };
    policy.ExtraStore.Add(authority.PublicKey);

    // NOTE(review): X509Chain is IDisposable on newer frameworks; dispose it if the target allows.
    var chain = new X509Chain { ChainPolicy = policy };
    var built = chain.Build(leaf);
    Assert.IsTrue(built, "should have built a validated chain");

    // Contains() relies on X509Certificate equality, which is documented as an issuer plus
    // serial-number comparison rather than a comparison of the full encoding; comparing
    // thumbprints would be a stricter identity check.
    var chainCerts = chain.ChainElements
        .Cast<X509ChainElement>()
        .Select(element => element.Certificate)
        .ToList();

    Assert.IsTrue(chainCerts.Contains(authority.PublicKey), "expecting chain to have our generated CA");
    Assert.IsTrue(chainCerts.Contains(leaf), "expecting chain to have our actual cert");
    Assert.AreEqual(2, chain.ChainElements.Count, "chain element count");
}