public static TestCertificate Generate(Action <X509V3CertificateGenerator> modifyGenerator = null, ChainCertificateRequest chainCertificateRequest = null) { var certName = GenerateCertificateName(); var cert = SigningTestUtility.GenerateCertificate(certName, modifyGenerator, chainCertificateRequest: chainCertificateRequest); CertificateRevocationList crl = null; // create a crl only if the certificate is part of a chain and it is a CA if (chainCertificateRequest != null && chainCertificateRequest.IsCA) { crl = CertificateRevocationList.CreateCrl(cert, chainCertificateRequest.CrlLocalBaseUri); } var testCertificate = new TestCertificate { Cert = cert, Crl = crl }; return(testCertificate); }