I'm trying to perform online CRL checking in Azure Functions. The chain builds well, but CRL online checks always fail:
Chain verification status.....: RevocationStatusUnknown
Chain verification result.....: The revocation function was unable to check revocation for the certificate.
Chain verification status.....: OfflineRevocation
Chain verification result.....: The revocation function was unable to check revocation because the revocation server was offline.
The CRL server of the certificate in question is however reachable and the CRL can be downloaded manually from public Internet.
Flags to build the chain:
X509Chain chain = new X509Chain();
chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
chain.ChainPolicy.RevocationFlag = X509RevocationFlag.EndCertificateOnly;
Any idea what's wrong?
Thanks,
Dietmar