private static void WarnIfNotBestMatch(ExchangeCertificate certificate, IConfigurationSession session, Server server, List <LocalizedString> warningList)
{
if (warningList == null)
{
return;
}
X509Store x509Store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
try
{
x509Store.Open(OpenFlags.ReadOnly);
using (ChainEngine chainEngine = new ChainEngine())
{
IEnumerable <ManageExchangeCertificate.FqdnConnectors> connectorFQDNs = ManageExchangeCertificate.GetConnectorFQDNs(session, server);
foreach (ManageExchangeCertificate.FqdnConnectors fqdnConnectors in connectorFQDNs)
{
X509Certificate2 x509Certificate;
if (ManageExchangeCertificate.CertificateHasLowerPrecedence(x509Store, chainEngine, fqdnConnectors.Fqdn, certificate, out x509Certificate))
{
if (!new ExchangeCertificate(x509Certificate).IsSelfSigned)
{
warningList.Add(Strings.WarnCertificateWillNotBeUsedBestIsPKI(x509Certificate.Thumbprint, fqdnConnectors.Fqdn, fqdnConnectors.Connectors));
}
else
{
warningList.Add(Strings.WarnCertificateWillNotBeUsed(x509Certificate.Thumbprint, fqdnConnectors.Fqdn, fqdnConnectors.Connectors));
}
}
}
}
}
finally
{
if (x509Store != null)
{
x509Store.Close();
}
}
}
