Discuss this help topic in SecureBlackbox Forum

XML: Tune-up automatic collection of revocation information

TElXAdESSigner and TElXAdESVerifier components perform automatic collection of certificates and revocation information (CRLs, OCSP responses) by internally validating the signing certificate using TElX509CertificateValidator class. To get access to this class and its tracing events or to perform finer tuning you need to handle OnBeforeCertificateValidate event or assign your own instance of TElX509CertificateValidator to CertificateValidator property of TElXAdESSigner or TElXAdESVerifier class.

Additionally, you may set TrustedCertificates, IgnoreChainValidationErrors, ForceCompleteChainValidation, OfflineMode properties of TElXAdESSigner or TElXAdESVerifier to tune-up certificate validation processs.

For additional information please refer to "Implementing XAdES signing of data using SecureBlackbox" article ("Preparing and Tuning TElXAdESSigner and TElXAdESVerifier components") section and to "Validate the certificate using TElX509CertificateValidator" how-to article.

C#:


// load signature
...
XAdESVerifier.OnBeforeCertificateValidate += new SBXMLAdESIntf.TSBXAdESBeforeCertificateValidateEvent(this.HandleBeforeCertificateValidate);
Validity = XAdESVerifier.AddValidationDataValues();

void HandleBeforeCertificateValidate(System.Object Sender,
  TElX509Certificate Cert, TElX509CertificateValidator CertValidator)
{
  // trust system certificates
  CertValidator.IgnoreSystemTrust = false;
  CertValidator.UseSystemStorages = true;
}
Delphi:

// load signature
...
XAdESVerifier.OnBeforeCertificateValidate := HandleBeforeCertificateValidate;
Validity := XAdESVerifier.AddValidationDataValues();

procedure HandleBeforeCertificateValidate(Sender: TObject;
  Cert: TElX509Certificate; CertValidator: TElX509CertificateValidator);
begin
  // trust system certificates
  CertValidator.IgnoreSystemTrust := false;
  CertValidator.UseSystemStorages := true;
end;

How To articles about XML signing (XMLDSig and XAdES)

Discuss this help topic in SecureBlackbox Forum