EldoS | Feel safer!

Software components for data protection, secure storage and transfer

HTTPS Server - untrusted certificate

Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.
Posted: 01/22/2016 14:38:56
by Markus  (Basic support level)
Joined: 12/03/2015
Posts: 6

Ok, I nailed it down to an CRL error.

So I implemented the OnCRLError event. It got the following arguments:

Certificate: my cert
Location: http://crl.startssl.com/sca-server1.crl
Retriever: null
Error Code: 1001

Error Code 1001 means "Validation of CRL's signature failed"

I tried to make a log according to https://www.eldos.com/security/articles/7639.php

But I cant find the object where i have to attach the OnCertValidatorPrepared event :/
Posted: 01/22/2016 15:22:14
by Eugene Mayevski (EldoS Corp.)

Let's proceed with the TElX509CertificateValidator. In order for CRL and OCSP to work you need to add proper initialization lines, as described in the help file (installed on your computer) in the topic of TElX509CertificateValidator . all samples that use TElX509CertificateValidator include those lines.

As for OnCertValidatorPrepaed - the article is talking about other classes. The logging event is present in the certificate validator.

Sincerely yours
Eugene Mayevski



Topic viewed 3978 times



Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!