Is it possible in .NET to verify a certificate chain against a store on another machine (that may possibly belong to another user)?
I'm not too sharp on certificates and PKI but I've been tooling around with System.Security.Cryptography.X509Certificates and I've been able to figure a few things out.
Something I'd like to be able to do for a project I'm working on is take a certificate file and verify the chain exists in a store on another machine that potentially belongs to another user. Based on a couple hours of research, it appears that this simply isn't possible in managed code. Unfortunately I don't really know the first thing about unmanaged code, but some stumbling around has led me to a little information about CertOpenStore.
However, from what I can tell, this would let me access certificates but wouldn't let me validate against a store on another computer. From what I know, verification is done with the X509Chain class, and while you can give it a supplementary set of certificates via the ExtraStore property, it always does verification against either the CurrentUser or LocalMachine store on the machine.
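The ExtraStore behaviour described in the question, as an added example that is not part of the original post: a certificate placed in ExtraStore is used for path building only, while a certificate placed in X509ChainPolicy.CustomTrustStore with TrustMode set to CustomRootTrust acts as a caller-supplied trust anchor. It assumes .NET 5 or later; the root and leaf are constructed in memory and are never installed in any store.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

class ChainTrustDemo
{
    static void Report(string label, X509Chain chain, bool ok)
    {
        Console.WriteLine($"{label}: Build={ok}");
        foreach (var s in chain.ChainStatus)
            Console.WriteLine($"  {s.Status}: {s.StatusInformation.Trim()}");
    }

    static void Main()
    {
        // Constructed test PKI (sample data): a throwaway root CA and one leaf it signs.
        var notBefore = DateTimeOffset.UtcNow.AddDays(-1);
        var notAfter = DateTimeOffset.UtcNow.AddDays(30);

        using var rootKey = RSA.Create(2048);
        var rootReq = new CertificateRequest("CN=Constructed Test Root", rootKey,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        rootReq.CertificateExtensions.Add(
            new X509BasicConstraintsExtension(true, false, 0, true));
        using var root = rootReq.CreateSelfSigned(notBefore, notAfter);

        using var leafKey = RSA.Create(2048);
        var leafReq = new CertificateRequest("CN=Constructed Test Leaf", leafKey,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using var leaf = leafReq.Create(root, notBefore, notAfter, new byte[] { 1, 2, 3, 4 });

        // Case 1: the root is only in ExtraStore. It can be used to build the path,
        // but trust is still decided by the local machine and user root stores.
        using var viaExtraStore = new X509Chain();
        viaExtraStore.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
        viaExtraStore.ChainPolicy.ExtraStore.Add(root);
        Report("ExtraStore only", viaExtraStore, viaExtraStore.Build(leaf));

        // Case 2: the caller supplies the trust anchors; the local root stores
        // are not consulted for trust decisions in this mode.
        using var viaCustomTrust = new X509Chain();
        viaCustomTrust.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
        viaCustomTrust.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
        viaCustomTrust.ChainPolicy.CustomTrustStore.Add(root);
        Report("CustomRootTrust", viaCustomTrust, viaCustomTrust.Build(leaf));
    }
}
```

Revocation checking is disabled here only because the constructed certificates carry no CRL or OCSP endpoints.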