How to get the Signature of a Self-Signed Certificate using X509Certificate or other .NET Class?

Question

Hello

I am trying to verify a root/self-signed certificate by trying to decrypt the signature with a known/trusted Public Key, then checking if the decrypted hash matches the original certificate hash.

I get the remote certificate by using RemoteCertificateValidation callback on the sslStream class.

The certificate is given as a X509Certificate class, I can get all properties of this certificate using this class except the Signature.

Is there any way I can get the byte array of the signature using the X509Certificate class or any other class?

Regards Albert

Answer 1

If you don't mind using third-party components, take a look at PKIBlackbox package of our SecureBlackbox product. Using TElX509Certificate class you can validate the certificate (using internal Validate method) and compute the hashes of your certificate in order to compare them to known values with a couple of lines of code.