2009-10-29
1

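I have a small problem. I use a certificate authority on Windows Server 2003 and have revoked a client certificate. The client certificate is on the list of revoked certificates. I try to verify this revoked client certificate in a WinForms application. The code is here: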

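// Requires: using System; using System.Security.Cryptography.X509Certificates;
private bool VefiryCert(X509Certificate2 cert)
{
    X509Chain chain = new X509Chain();
    // Check revocation for every certificate in the chain, fetching CRLs online.
    chain.ChainPolicy.RevocationFlag = X509RevocationFlag.EntireChain;
    chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
    chain.ChainPolicy.UrlRetrievalTimeout = new TimeSpan(0, 0, 1000);
    // AllFlags already includes AllowUnknownCertificateAuthority.
    chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllFlags | X509VerificationFlags.AllowUnknownCertificateAuthority;
    return chain.Build(cert);
}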

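But this client certificate is verified as true. I am confused; where is the problem? How can I check the revocation list that is loaded in the WinForms application and used to verify this client certificate?

So the problem is that I verify the client certificate, which is on the revocation list (in the certificate authority), in the method VefiryCert, and the certificate is verified as TRUE.

Can anybody help me?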

Answers

0

I had a similar problem on a server. I found that the

ServicePointManager.CheckCertificateRevocationList = true; 

call let me see the exception

failed: System.ServiceModel.Security.SecurityNegotiationException : Could not establish trust relationship for the SSL/TLS secure channel with authority 'XXX.XXX.net'. 
----> System.Net.WebException : The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. 
----> System.Security.Authentication.AuthenticationException : The remote certificate is invalid according to the validation procedure.
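
The following is an added example, not code from the question or the answer: a strict variant of the chain check that suppresses no errors and reports why the chain failed, so that "revoked" can be told apart from "revocation status could not be determined". The class name `RevocationCheck`, the 15-second timeout and the certificate path taken from the command line are assumptions.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class RevocationCheck
{
    // Builds the chain with no errors suppressed and returns the OR of all
    // chain status flags; 'detail' receives one line per reported status.
    public static X509ChainStatusFlags Check(X509Certificate2 cert, out string detail)
    {
        X509Chain chain = new X509Chain();
        chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
        chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
        chain.ChainPolicy.UrlRetrievalTimeout = TimeSpan.FromSeconds(15); // assumed value
        // NoFlag ignores nothing. AllFlags, as used in the question, includes the
        // Ignore*RevocationUnknown flags, so a CRL that cannot be fetched is not
        // treated as an error there.
        chain.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag;

        chain.Build(cert);
        X509ChainStatusFlags all = X509ChainStatusFlags.NoError;
        StringBuilder sb = new StringBuilder();
        foreach (X509ChainStatus s in chain.ChainStatus)
        {
            all |= s.Status;
            sb.AppendLine(s.Status + ": " + s.StatusInformation.Trim());
        }
        detail = sb.ToString();
        return all;
    }

    static int Main(string[] args)
    {
        // args[0]: path to the client certificate file (assumed input).
        X509Certificate2 cert = new X509Certificate2(args[0]);
        string detail;
        X509ChainStatusFlags flags = Check(cert, out detail);
        Console.Write(detail);

        const X509ChainStatusFlags unknown =
            X509ChainStatusFlags.RevocationStatusUnknown | X509ChainStatusFlags.OfflineRevocation;
        if ((flags & X509ChainStatusFlags.Revoked) != 0) { Console.WriteLine("REVOKED"); return 2; }
        if ((flags & unknown) != 0) { Console.WriteLine("REVOCATION UNKNOWN (rejecting)"); return 3; }
        if (flags != X509ChainStatusFlags.NoError) { Console.WriteLine("INVALID"); return 1; }
        Console.WriteLine("VALID");
        return 0;
    }
}
```

Windows caches downloaded CRLs until they expire, so a certificate revoked after the client last fetched the CRL can still validate until the CA publishes a new CRL and the cached copy is replaced. `certutil -urlcache CRL` lists the cached CRL entries on the client.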