X509Chain.Build(X509Certificate2) Method

Reference

Definition

Namespace:: System.Security.Cryptography.X509Certificates

Assembly:: System.Security.Cryptography.X509Certificates.dll

Assembly:: System.Security.Cryptography.dll

Assembly:: System.dll

Assembly:: netstandard.dll

Source:: X509Chain.cs

Source:: X509Chain.cs

Source:: X509Chain.cs

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Builds an X.509 chain using the policy specified in X509ChainPolicy.

public:
 bool Build(System::Security::Cryptography::X509Certificates::X509Certificate2 ^ certificate);

public bool Build (System.Security.Cryptography.X509Certificates.X509Certificate2 certificate);

[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public bool Build (System.Security.Cryptography.X509Certificates.X509Certificate2 certificate);

member this.Build : System.Security.Cryptography.X509Certificates.X509Certificate2 -> bool

[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
member this.Build : System.Security.Cryptography.X509Certificates.X509Certificate2 -> bool

Public Function Build (certificate As X509Certificate2) As Boolean

Parameters

certificate: X509Certificate2

An X509Certificate2 object.

Returns

Boolean

true if the X.509 certificate is valid; otherwise, false.

Attributes: UnsupportedOSPlatformAttribute

Exceptions

ArgumentException

The certificate is not a valid certificate or is null.

CryptographicException

The certificate is unreadable.

Examples

The following code example opens the current user's personal certificate store, allows you to select a certificate, then writes certificate and certificate chain information to the console. The output depends on the certificate you select.

//Output chain information of the selected certificate.
X509Chain ^ ch = gcnew X509Chain;
ch->ChainPolicy->RevocationMode = X509RevocationMode::Online;
ch->Build( certificate );
Console::WriteLine( "Chain Information" );
Console::WriteLine( "Chain revocation flag: {0}", ch->ChainPolicy->RevocationFlag );
Console::WriteLine( "Chain revocation mode: {0}", ch->ChainPolicy->RevocationMode );
Console::WriteLine( "Chain verification flag: {0}", ch->ChainPolicy->VerificationFlags );
Console::WriteLine( "Chain verification time: {0}", ch->ChainPolicy->VerificationTime );
Console::WriteLine( "Chain status length: {0}", ch->ChainStatus->Length );
Console::WriteLine( "Chain application policy count: {0}", ch->ChainPolicy->ApplicationPolicy->Count );
Console::WriteLine( "Chain certificate policy count: {0} {1}", ch->ChainPolicy->CertificatePolicy->Count, Environment::NewLine );

//Output chain information of the selected certificate.
X509Chain ch = new X509Chain();
ch.ChainPolicy.RevocationMode = X509RevocationMode.Online;
ch.Build (certificate);
Console.WriteLine ("Chain Information");
Console.WriteLine ("Chain revocation flag: {0}", ch.ChainPolicy.RevocationFlag);
Console.WriteLine ("Chain revocation mode: {0}", ch.ChainPolicy.RevocationMode);
Console.WriteLine ("Chain verification flag: {0}", ch.ChainPolicy.VerificationFlags);
Console.WriteLine ("Chain verification time: {0}", ch.ChainPolicy.VerificationTime);
Console.WriteLine ("Chain status length: {0}", ch.ChainStatus.Length);
Console.WriteLine ("Chain application policy count: {0}", ch.ChainPolicy.ApplicationPolicy.Count);
Console.WriteLine ("Chain certificate policy count: {0} {1}", ch.ChainPolicy.CertificatePolicy.Count, Environment.NewLine);

'Output chain information of the selected certificate.
Dim ch As New X509Chain()
ch.ChainPolicy.RevocationMode = X509RevocationMode.Online
ch.Build(certificate)
Console.WriteLine("Chain Information")
Console.WriteLine("Chain revocation flag: {0}", ch.ChainPolicy.RevocationFlag)
Console.WriteLine("Chain revocation mode: {0}", ch.ChainPolicy.RevocationMode)
Console.WriteLine("Chain verification flag: {0}", ch.ChainPolicy.VerificationFlags)
Console.WriteLine("Chain verification time: {0}", ch.ChainPolicy.VerificationTime)
Console.WriteLine("Chain status length: {0}", ch.ChainStatus.Length)
Console.WriteLine("Chain application policy count: {0}", ch.ChainPolicy.ApplicationPolicy.Count)
Console.WriteLine("Chain certificate policy count: {0} {1}", ch.ChainPolicy.CertificatePolicy.Count, Environment.NewLine)

Remarks

Note that a valid X.509 certificate from a trusted issuer is valid only for the use specified in the X509ChainPolicy object. Certificates that meet these chain policy rules might still be invalid for specific uses with such features as Security/MIME (SMIME), Authenticode, or Secure Sockets Layer (SSL). If further processing is required to determine whether the certificate is valid for a specific policy, derive a class from X509Chain and override the Build method so that it calls the base class Build method first, and then does the additional processing.

Applies to