EldoS | Feel safer!

Software components for data protection, secure storage and transfer

OCSP_Client_VS2008

Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.
#15348
Posted: 12/21/2010 06:51:47
by Alexandre Vouez (Basic support level)
Joined: 12/21/2010
Posts: 2

Hello,

My company is very interested to use your solution to check revocation-list of certificate with ocsp protocol.
I downloaded secure black box for .net 2008 trial version.
But i'm surprised that issuer certificate is asked to make the check.

We would like offer to our customer a solution to validate signed file with a website in asp.net, Customer must upload the file and the xml(who contain signature), then It's easy to recrate user certificate from xml but I don't see how to retrieve issuer certificate in this case.
Is it mandatory to have issuer certificate?

Thanks for your help

Alexandre
#15349
Posted: 12/21/2010 07:21:56
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for interesting in our products.

Only the certificate, whose issuer (CA) certificate is available, can be checked using OCSP.
#15350
Posted: 12/21/2010 07:30:13
by Eugene Mayevski (EldoS Corp.)

You should also note, that the certificate can be validated properly only when the complete certificate chain can be built up to the root CA certificate. So if you don't have an issuer certificate, you won't be able to validate the certificate used to sign the data, no matter whether you use OCSP or CRL checking or plain chain validation.


Sincerely yours
Eugene Mayevski

Reply

Statistics

Topic viewed 698 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!