EldoS | Feel safer!

Software components for data protection, secure storage and transfer

HTTPS Server - untrusted certificate

Posted: 01/22/2016 14:38:56
by Markus  (Basic support level)
Joined: 12/03/2015
Posts: 6

Ok, I nailed it down to an CRL error.

So I implemented the OnCRLError event. It got the following arguments:

Certificate: my cert
Location: http://crl.startssl.com/sca-server1.crl
Retriever: null
Error Code: 1001

Error Code 1001 means "Validation of CRL's signature failed"

I tried to make a log according to https://www.eldos.com/security/articles/7639.php

But I cant find the object where i have to attach the OnCertValidatorPrepared event :/
Posted: 01/22/2016 15:22:14
by Eugene Mayevski (Team)

Let's proceed with the TElX509CertificateValidator. In order for CRL and OCSP to work you need to add proper initialization lines, as described in the help file (installed on your computer) in the topic of TElX509CertificateValidator . all samples that use TElX509CertificateValidator include those lines.

As for OnCertValidatorPrepaed - the article is talking about other classes. The logging event is present in the certificate validator.

Sincerely yours
Eugene Mayevski



Topic viewed 5368 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!