Question

Can anyone offer some advice on validating an X509Certificate? I am already checking to see if the cert is signed by a trusted root; however, I also want to check that the certificate is issued to a known party.

What is the best property to use for this? I'm thinking along the lines of SerialNumber or Public Key but don't fully understand the implications of either. I guess public key lives beyond any reissued certificates, whereas SerialNumber is constrained to a particular certificate issued on a particular date?

Can anyone offer some informed advice?

Edit: It looks like the certificate thumbprint might be the typical way to achieve this.


Solution

I found there is a Thumbprint property which uniquely identifies the exact certificate details.

However, in the end I reverted to string matching the Company Name in the Subject, as it's the only way I could know for sure that I could validate renewed or re-issued certificates.
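The trade-off between the identifiers weighed in the question and answer above, as an added example that is not part of the original post: it compares a known certificate against a renewal, a re-key and an unrelated certificate by thumbprint, public key and subject. It is written in C# against .NET's `X509Certificate2`; the class and helper names, the subject names and the self-signed test certificates are all constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class KnownPartyCheck
{
    // Constructed self-signed test certificate; a real peer certificate would chain to a trusted root.
    static X509Certificate2 Issue(RSA key, string subject, int startYear) =>
        new CertificateRequest(subject, key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1)
            .CreateSelfSigned(new DateTimeOffset(startYear, 1, 1, 0, 0, 0, TimeSpan.Zero),
                              new DateTimeOffset(startYear + 1, 1, 1, 0, 0, 0, TimeSpan.Zero));

    // SHA-256 of the encoded public key: unchanged when a certificate is renewed with the same key.
    static string KeyPin(X509Certificate2 cert)
    {
        using (var sha = SHA256.Create())
            return BitConverter.ToString(sha.ComputeHash(cert.GetPublicKey())).Replace("-", "");
    }

    // Exact comparison of the DER-encoded subject name, stricter than a substring match.
    static bool SameSubject(X509Certificate2 a, X509Certificate2 b) =>
        a.SubjectName.RawData.SequenceEqual(b.SubjectName.RawData);

    // Prints which of the three identifiers still match the known certificate.
    static void Report(string label, X509Certificate2 known, X509Certificate2 presented) =>
        Console.WriteLine("{0,-22} thumbprint={1,-5} key={2,-5} subject={3}", label,
            known.Thumbprint == presented.Thumbprint,
            KeyPin(known) == KeyPin(presented),
            SameSubject(known, presented));

    static void Main()
    {
        const string partner = "CN=api.partner.example, O=Partner Example Ltd, C=GB"; // constructed name
        using (RSA key1 = RSA.Create(2048))
        using (RSA key2 = RSA.Create(2048))
        {
            X509Certificate2 known = Issue(key1, partner, 2023);
            Report("same certificate", known, known);
            Report("renewed, same key", known, Issue(key1, partner, 2024));
            Report("reissued, new key", known, Issue(key2, partner, 2024));
            Report("different party", known, Issue(key2, "CN=other.example, O=Other Org, C=GB", 2024));
        }
    }
}
```

A subject match says something about identity only after the chain has validated to a trusted root, because the subject of a certificate that does not chain to one can contain any name.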

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow