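/// <summary>
/// Creates a delegate that maps a certificate to the name <paramref name="registry"/> reports
/// for the certificate's immediate issuer (the second element of the built chain), or for the
/// certificate itself when the chain has no second element.
/// </summary>
/// <param name="registry">Registry that translates an issuer certificate token into a name.</param>
/// <returns>A delegate that returns the registry's issuer name for a given certificate.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="registry"/> is null, or the delegate is invoked with a null certificate.
/// </exception>
/// <remarks>
/// The chain is built only to locate the issuer certificate: revocation checking is switched off
/// and the boolean result of <c>X509Chain.Build</c> is not inspected. A returned name therefore
/// says nothing about whether the certificate chains to a trusted root, is inside its validity
/// period, or has been revoked. Validate the certificate separately before the issuer name is
/// used in a trust or authorization decision.
/// </remarks>
public static Func<X509Certificate2, string> FromIssuerRegistry(IssuerNameRegistry registry)
{
    if (registry == null)
    {
        throw new ArgumentNullException("registry");
    }

    return cert =>
    {
        if (cert == null)
        {
            throw new ArgumentNullException("cert");
        }

        var chain = new X509Chain { ChainPolicy = { RevocationMode = X509RevocationMode.NoCheck } };

        // Return value intentionally unused here: a chain that fails validation still exposes
        // its elements, which is all this lookup needs. It is NOT a trust check.
        chain.Build(cert);
        var elems = chain.ChainElements;

        try
        {
            // elems[1] is the immediate issuer. With fewer than two elements there is no
            // separate issuer to read, so fall back to the input certificate instead of
            // indexing past the end of the collection.
            var issuerCert = elems.Count > 1 ? elems[1].Certificate : cert;

            // The token is disposable; release it as soon as the registry has answered.
            using (var token = new X509SecurityToken(issuerCert))
            {
                return registry.GetIssuerName(token);
            }
        }
        finally
        {
            // Release the certificate objects the chain build created for the issuers,
            // including when the registry lookup throws. Index 0 is left untouched.
            for (int i = 1; i < elems.Count; ++i)
            {
                elems[i].Certificate.Reset();
            }
        }
    };
}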
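/// <summary>
/// Returns the name <paramref name="issuerNameRegistry"/> reports for the immediate issuer of
/// <paramref name="certificate"/>, or for the certificate itself when the built chain has no
/// second element (treated as self-issued).
/// </summary>
/// <param name="certificate">Certificate whose issuer is looked up.</param>
/// <param name="issuerNameRegistry">Registry that translates the issuer token into a name.</param>
/// <returns>The value returned by the registry's <c>GetIssuerName</c>.</returns>
/// <remarks>
/// The chain is built with revocation checking disabled and the boolean result of
/// <c>X509Chain.Build</c> is not inspected, so this method only locates the issuer certificate.
/// It does not establish that the certificate is trusted, unexpired or unrevoked; that has to
/// be validated separately before the issuer name feeds a trust decision.
/// </remarks>
internal static string GetCertificateIssuerName(X509Certificate2 certificate, IssuerNameRegistry issuerNameRegistry)
{
    if (certificate == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("certificate");
    }

    if (issuerNameRegistry == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("issuerNameRegistry");
    }

    X509Chain chain = new X509Chain();
    chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;

    // Build's result is ignored: only the chain elements are needed for the issuer lookup.
    chain.Build(certificate);
    X509ChainElementCollection elements = chain.ChainElements;

    try
    {
        // elements[1] is the immediate issuer. Otherwise this is a self-issued certificate:
        // use the current certificate itself.
        X509Certificate2 issuerCertificate = elements.Count > 1 ? elements[1].Certificate : certificate;

        using (X509SecurityToken token = new X509SecurityToken(issuerCertificate))
        {
            return issuerNameRegistry.GetIssuerName(token);
        }
    }
    finally
    {
        // Runs even when the registry lookup throws, so the issuer certificates created by
        // the chain build are not left holding their resources on the error path.
        for (int i = 1; i < elements.Count; ++i)
        {
            // Resets the state of the certificate and frees resources associated with it.
            elements[i].Certificate.Reset();
        }
    }
}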