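        /// <summary>
        /// Creates an intermediate CA under the test root CA, issues a signing certificate from it,
        /// and revokes that certificate, with responders for the intermediate registered on the test server.
        /// </summary>
        /// <param name="revocationDate">Revocation time passed to the intermediate CA when revoking the issued certificate.</param>
        /// <param name="crlUpdateTime">Value assigned to the OCSP responder's <c>ThisUpdate</c> option.</param>
        /// <returns>
        /// A result holding the issued certificate (the second value returned by <c>IssueCertificate</c>),
        /// the root and intermediate CA certificates, and the registered responders.
        /// </returns>
        /// <remarks>
        /// The revocation time and the responder's <c>ThisUpdate</c> are supplied separately, so a caller can
        /// place the revocation before or after the status freshness time it wants to exercise.
        /// On success the responder registrations are handed to the result; presumably the result's owner
        /// disposes them (confirm against <c>CertificateWithCustomIntermediatesResult</c>). If setup fails
        /// part-way, the registrations made so far are disposed here so that they do not remain on the test server.
        /// </remarks>
        public async Task<CertificateWithCustomIntermediatesResult> GetRevokedSigningCertificateAsync(DateTimeOffset revocationDate, DateTimeOffset crlUpdateTime)
        {
            var testServer = await GetTestServerAsync();
            var ca = await GetCertificateAuthority();
            var ca2 = ca.CreateIntermediateCertificateAuthority();
            var responders = new DisposableList<IDisposable>();

            try
            {
                var ca2Responder = OcspResponder.Create(ca2, new OcspResponderOptions
                {
                    ThisUpdate = crlUpdateTime,
                });

                // Both the intermediate CA and its OCSP responder are registered, matching the
                // CA-issuers and OCSP entries written into the certificate below.
                responders.Add(testServer.RegisterResponder(ca2));
                responders.Add(testServer.RegisterResponder(ca2Responder));

                // Signing EKU plus Authority Information Access pointing at the intermediate CA,
                // so a validator can locate both the issuer certificate and the OCSP endpoint.
                void CustomizeAsSigningCertificate(X509V3CertificateGenerator generator)
                {
                    generator.AddSigningEku();
                    generator.AddAuthorityInfoAccess(ca2, addOcsp: true, addCAIssuers: true);
                }

                var (publicCertificate, certificate) = IssueCertificate(ca2, "Revoked Signing", CustomizeAsSigningCertificate);

                var caCert = ca.Certificate.ToX509Certificate2();
                var ca2Cert = ca2.Certificate.ToX509Certificate2();

                // Revocation is recorded on the issuing (intermediate) CA with an unspecified reason.
                ca2.Revoke(publicCertificate, reason: RevocationReason.Unspecified, revocationDate: revocationDate);

                return new CertificateWithCustomIntermediatesResult(
                    certificate,
                    new[] { caCert, ca2Cert },
                    responders);
            }
            catch
            {
                // Ownership was never transferred to a result, so release the registrations here.
                responders.Dispose();
                throw;
            }
        }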
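 /// <summary>
 /// Creates a security descriptor for the given online responder by copying its <c>ComputerName</c>.
 /// </summary>
 /// <param name="onlineResponder">Responder whose computer name this descriptor records.</param>
 /// <exception cref="System.ArgumentNullException"><paramref name="onlineResponder"/> is null.</exception>
 internal OcspResponderSecurityDescriptor(OcspResponder onlineResponder) : base(false)
 {
     // Report a null responder as an argument error rather than a NullReferenceException
     // from the property read below.
     if (onlineResponder == null)
     {
         throw new System.ArgumentNullException(nameof(onlineResponder));
     }

     // NOTE(review): the meaning of the `false` passed to the base constructor is defined by the
     // base class, which is not visible here; confirm before changing it.
     ComputerName = onlineResponder.ComputerName;
 }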