C# .net 6.0 ChainPolicy.Build allows a CRL with a not before date in the future to pass
There is a test in the Fault Bridge Test stack for the FIPS 201/Ficam Testing program that has a certificate chain that includes one with a CRL with a not before date in the future.
ChainPolicy.Build is allowing this to pass when it shouldn't.
How can I fix this?
@Richard Turbeville , Welcome to Microsoft Q&A, What is your kind of your certificate? Do you use the X509Chain.Build(X509Certificate2) Method?
Yes, I am using the X509Chain.Build method.
Not sure exactly what you mean about "kind of your certificate". The certificates I am verifying are off of the FICAM test cards used for the FIPS 201/Ficam Testing.
In this particular test there is a chain of test certificates one of which has a CRL that has a not before date in the future. The chain build allows this to pass when it appears it should not.
There is not enough allowable characters to include a sample certificate or chain in a reply. If there is a way to get them to you I would be happy to send them.
Sign in to comment