Hi, I have ASP.NET web service on windows server 2003. I have own certificate authority. I use own client certificate on authentification in web service. I make client certificate. I call web service, everything is ok. Then I revoke this certificate in certification authority. Certificate is in Revoked certificate. I call web service with this certificate, but web service verify this certificate as good, but this certificate is between revoked. I don't know why? Anybody help me please?
I use this method on verify certificate.
X509Certificate2.Verify Method
I don't get any exception, certificate is between revoked, but web service verify this certificate as good.
to klausbyskov: Thank you. So I try this :
public void CreateUser(X509Certificate2 cert)
{
ServicePointManager.UseNagleAlgorithm = true;
ServicePointManager.Expect100Continue = true;
ServicePointManager.CheckCertificateRevocationList = true;
ServicePointManager.DefaultConnectionLimit = ServicePointManager.DefaultPersistentConnectionLimit;
if (VefiryCert(cert))
{
//...
}
}
But the revoked certificate is still verify as good