已撤銷客戶端證書

Question

我沒有什麼問題。我在Windows Server 2003中使用了證書頒發機構，並撤消了客戶端證書。 客戶端證書已被吊銷證書。我嘗試驗證在winform應用程序撤銷該客戶端證書在Windows Server 2003的代碼是在這裏：

private bool VefiryCert(X509Certificate2 cert) 
{ 
    X509Chain chain = new X509Chain(); 
    chain.ChainPolicy.RevocationFlag = X509RevocationFlag.EntireChain; 
    chain.ChainPolicy.RevocationMode = 
     X509RevocationMode.Online; 
    chain.ChainPolicy.UrlRetrievalTimeout = new TimeSpan(0, 0, 1000); 
    chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllFlags; X509VerificationFlags.AllowUnknownCertificateAuthority; 
    return chain.Build(cert); 
} 

But this client certificate is verify as true。我很迷惑，哪裏可以解決問題？我如何檢查在winform應用程序中加載並用於驗證此客戶端證書的撤銷列表？

所以問題是我驗證客戶證書，這是在方法VefiryCert撤銷列表（在證書頒發機構），證書驗證爲TRUE。

有人可以幫我嗎？

Answer 1

我在服務器上有類似的問題。我發現，

ServicePointManager.CheckCertificateRevocationList = true; 

打電話讓我看到了異常

failed: System.ServiceModel.Security.SecurityNegotiationException : Could not establish trust relationship for the SSL/TLS secure channel with authority 'XXX.XXX.net'. 
----> System.Net.WebException : The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. 
----> System.Security.Authentication.AuthenticationException : The remote certificate is invalid according to the validation procedure.