Saturday, June 24, 2017

X509Certificate2.Verify checks the entire chain

Someone was confused about why the Verify method on a self-signed certificate was returning False. More information than just a yes/no is available, though, if you know how to ask. Creating an X509Chain object, calling Build with the certificate, and examining the ChainStatus property shows why the certificate failed to verify. In this case, it was because the root was untrusted, which makes sense since it was a self-signed certificate.

To make it verify, the user needed to add the certificate to the Trusted Root Certification Authorities store. That makes the root trusted, and since everything else about the certificate is good, the certificate verifies.
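The diagnosis described above, as an added C# example that is not code from the original post: it builds an X509Chain for a constructed self-signed certificate and prints the ChainStatus flags that Verify hides. It goes one step beyond the post by also building the chain with that certificate trusted for a single check via CustomTrustStore; the class name, the helper Diagnose, the subject name, and .NET 6 or later are assumptions.

```csharp
#nullable enable
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class ChainDiagnostics
{
    // Hypothetical helper: builds the chain and prints every status flag,
    // per chain element and for the chain as a whole.
    static bool Diagnose(X509Certificate2 cert, X509Certificate2? trustedRoot = null)
    {
        using var chain = new X509Chain();
        // The constructed certificate has no CRL/OCSP endpoint, so skip revocation lookups.
        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
        if (trustedRoot != null)
        {
            // Trust this root for this one chain build only; the machine stores are untouched.
            chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
            chain.ChainPolicy.CustomTrustStore.Add(trustedRoot);
        }

        bool ok = chain.Build(cert);
        Console.WriteLine($"Build returned {ok}");
        foreach (X509ChainElement element in chain.ChainElements)
            foreach (X509ChainStatus s in element.ChainElementStatus)
                Console.WriteLine($"  {element.Certificate.Subject}: {s.Status} ({s.StatusInformation.Trim()})");
        foreach (X509ChainStatus s in chain.ChainStatus)
            Console.WriteLine($"  chain: {s.Status}");
        return ok;
    }

    static void Main()
    {
        // Constructed sample input: a throwaway self-signed certificate, created in memory.
        using RSA key = RSA.Create(2048);
        var request = new CertificateRequest("CN=constructed-self-signed.example", key,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using X509Certificate2 cert = request.CreateSelfSigned(
            DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1));

        // Verify gives only the yes/no answer; Diagnose shows the reason behind it.
        Console.WriteLine($"Verify returned {cert.Verify()}");
        Diagnose(cert);        // default trust: system root stores only
        Diagnose(cert, cert);  // same certificate, trusted as a root for this check only
    }
}
```

Scoping trust to one chain build avoids making the certificate a trusted root for every application on the machine, which is what adding it to the Trusted Root Certification Authorities store does.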
