EldoS | Feel safer!

Software components for data protection, secure storage and transfer


Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.
Posted: 12/21/2010 06:51:47
by Alexandre Vouez (Basic support level)
Joined: 12/21/2010
Posts: 2


My company is very interested to use your solution to check revocation-list of certificate with ocsp protocol.
I downloaded secure black box for .net 2008 trial version.
But i'm surprised that issuer certificate is asked to make the check.

We would like offer to our customer a solution to validate signed file with a website in asp.net, Customer must upload the file and the xml(who contain signature), then It's easy to recrate user certificate from xml but I don't see how to retrieve issuer certificate in this case.
Is it mandatory to have issuer certificate?

Thanks for your help

Posted: 12/21/2010 07:21:56
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for interesting in our products.

Only the certificate, whose issuer (CA) certificate is available, can be checked using OCSP.
Posted: 12/21/2010 07:30:13
by Eugene Mayevski (EldoS Corp.)

You should also note, that the certificate can be validated properly only when the complete certificate chain can be built up to the root CA certificate. So if you don't have an issuer certificate, you won't be able to validate the certificate used to sign the data, no matter whether you use OCSP or CRL checking or plain chain validation.

Sincerely yours
Eugene Mayevski



Topic viewed 683 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!