/// <summary>
/// test loadup ca and make cert
/// </summary>
/// <param name="xmlstring"></param>
private void TestLoadupCAandMakeCert(string xmlstring)
{
var sw = Stopwatch.StartNew();
var ca = CertificateAuthority.FromXmlString(xmlstring);
var catim = sw.ElapsedMilliseconds;
var cermaker = new Certificate(ca, "CN=actualcer", 0, TimeSpan.FromMinutes(3));
var cer = cermaker.Cert;
Assert.IsNotNull(cer);
Assert.IsTrue(cer.HasPrivateKey);
sw.Stop();
var cp = new X509ChainPolicy();
cp.ExtraStore.Add(ca.PublicKey);
cp.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
cp.RevocationMode = X509RevocationMode.NoCheck;
cp.RevocationFlag = X509RevocationFlag.EndCertificateOnly;
var chain = new X509Chain
{
ChainPolicy = cp
};
var built = chain.Build(cer);
Assert.IsTrue(built, "should have built a validated chain");
Assert.IsTrue(chain.ChainElements.Cast <X509ChainElement>().Select(x => x.Certificate).Contains(ca.PublicKey), "expecting chain to have our generated CA");
Assert.IsTrue(chain.ChainElements.Cast <X509ChainElement>().Select(x => x.Certificate).Contains(cer), "expecting chain to have our actual cert");
Assert.AreEqual(2, chain.ChainElements.Count, "chain element count");
}
