X509Chain Class

Definition

Represents a chain-building engine for X509Certificate2 certificates.

public ref class X509Chain : IDisposable
public class X509Chain : IDisposable
type X509Chain = class
    interface IDisposable
Public Class X509Chain
Implements IDisposable
Inheritance
X509Chain
Implements

Examples

The following code example opens the current user's personal certificate store, allows you to select a certificate, then writes certificate and certificate chain information to the console. The output depends on the certificate you select.

#using <System.dll>
#using <System.Security.dll>

using namespace System;
using namespace System::Security::Cryptography;
using namespace System::Security::Cryptography::X509Certificates;
using namespace System::IO;

int main()
{
   //Create new X509 store from local certificate store.
   X509Store ^ store = gcnew X509Store( "MY",StoreLocation::CurrentUser );
   store->Open( static_cast<OpenFlags>(OpenFlags::OpenExistingOnly | OpenFlags::ReadWrite) );

   //Output store information.
   Console::WriteLine( "Store Information" );
   Console::WriteLine( "Number of certificates in the store: {0}", store->Certificates->Count );
   Console::WriteLine( "Store location: {0}", store->Location );
   Console::WriteLine( "Store name: {0} {1}", store->Name, Environment::NewLine );

   //Put certificates from the store into a collection so user can select one.
   X509Certificate2Collection ^ fcollection = dynamic_cast<X509Certificate2Collection^>(store->Certificates);
   X509Certificate2Collection ^ collection = X509Certificate2UI::SelectFromCollection(fcollection, "Select an X509 Certificate","Choose a certificate to examine.",X509SelectionFlag::SingleSelection);
   X509Certificate2 ^ certificate = collection[ 0 ];
   X509Certificate2UI::DisplayCertificate(certificate);

   //Output chain information of the selected certificate.
   X509Chain ^ ch = gcnew X509Chain;
   ch->ChainPolicy->RevocationMode = X509RevocationMode::Online;
   ch->Build( certificate );
   Console::WriteLine( "Chain Information" );
   Console::WriteLine( "Chain revocation flag: {0}", ch->ChainPolicy->RevocationFlag );
   Console::WriteLine( "Chain revocation mode: {0}", ch->ChainPolicy->RevocationMode );
   Console::WriteLine( "Chain verification flag: {0}", ch->ChainPolicy->VerificationFlags );
   Console::WriteLine( "Chain verification time: {0}", ch->ChainPolicy->VerificationTime );
   Console::WriteLine( "Chain status length: {0}", ch->ChainStatus->Length );
   Console::WriteLine( "Chain application policy count: {0}", ch->ChainPolicy->ApplicationPolicy->Count );
   Console::WriteLine( "Chain certificate policy count: {0} {1}", ch->ChainPolicy->CertificatePolicy->Count, Environment::NewLine );

   //Output chain element information.
   Console::WriteLine( "Chain Element Information" );
   Console::WriteLine( "Number of chain elements: {0}", ch->ChainElements->Count );
   Console::WriteLine( "Chain elements synchronized? {0} {1}", ch->ChainElements->IsSynchronized, Environment::NewLine );
   System::Collections::IEnumerator^ myEnum = ch->ChainElements->GetEnumerator();
   while ( myEnum->MoveNext() )
   {
      X509ChainElement ^ element = safe_cast<X509ChainElement ^>(myEnum->Current);
      Console::WriteLine( "Element issuer name: {0}", element->Certificate->Issuer );
      Console::WriteLine( "Element certificate valid until: {0}", element->Certificate->NotAfter );
      Console::WriteLine( "Element certificate is valid: {0}", element->Certificate->Verify() );
      Console::WriteLine( "Element error status length: {0}", element->ChainElementStatus->Length );
      Console::WriteLine( "Element information: {0}", element->Information );
      Console::WriteLine( "Number of element extensions: {0}{1}", element->Certificate->Extensions->Count, Environment::NewLine );
      if ( ch->ChainStatus->Length > 1 )
      {
         for ( int index = 0; index < element->ChainElementStatus->Length; index++ )
         {
            Console::WriteLine( element->ChainElementStatus[ index ].Status );
            Console::WriteLine( element->ChainElementStatus[ index ].StatusInformation );
         }
      }
   }

   store->Close();
}
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.IO;

class TestX509Chain
{
    static void Main(string[] args)
    {
        //Create new X509 store from local certificate store.
        X509Store store = new X509Store("MY", StoreLocation.CurrentUser);
        store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadWrite);

        //Output store information.
        Console.WriteLine ("Store Information");
        Console.WriteLine ("Number of certificates in the store: {0}", store.Certificates.Count);
        Console.WriteLine ("Store location: {0}", store.Location);
        Console.WriteLine ("Store name: {0} {1}", store.Name, Environment.NewLine);
    
        //Put certificates from the store into a collection so user can select one.
        X509Certificate2Collection fcollection = (X509Certificate2Collection)store.Certificates;
        X509Certificate2Collection collection = X509Certificate2UI.SelectFromCollection(fcollection, "Select an X509 Certificate", "Choose a certificate to examine.", X509SelectionFlag.SingleSelection);
        X509Certificate2 certificate = collection[0];
        X509Certificate2UI.DisplayCertificate(certificate);

        //Output chain information of the selected certificate.
        X509Chain ch = new X509Chain();
        ch.ChainPolicy.RevocationMode = X509RevocationMode.Online;
        ch.Build (certificate);
        Console.WriteLine ("Chain Information");
        Console.WriteLine ("Chain revocation flag: {0}", ch.ChainPolicy.RevocationFlag);
        Console.WriteLine ("Chain revocation mode: {0}", ch.ChainPolicy.RevocationMode);
        Console.WriteLine ("Chain verification flag: {0}", ch.ChainPolicy.VerificationFlags);
        Console.WriteLine ("Chain verification time: {0}", ch.ChainPolicy.VerificationTime);
        Console.WriteLine ("Chain status length: {0}", ch.ChainStatus.Length);
        Console.WriteLine ("Chain application policy count: {0}", ch.ChainPolicy.ApplicationPolicy.Count);
        Console.WriteLine ("Chain certificate policy count: {0} {1}", ch.ChainPolicy.CertificatePolicy.Count, Environment.NewLine);

        //Output chain element information.
        Console.WriteLine ("Chain Element Information");
        Console.WriteLine ("Number of chain elements: {0}", ch.ChainElements.Count);
        Console.WriteLine ("Chain elements synchronized? {0} {1}", ch.ChainElements.IsSynchronized, Environment.NewLine);
    
        foreach (X509ChainElement element in ch.ChainElements)
        {
            Console.WriteLine ("Element issuer name: {0}", element.Certificate.Issuer);
            Console.WriteLine ("Element certificate valid until: {0}", element.Certificate.NotAfter);
            Console.WriteLine ("Element certificate is valid: {0}", element.Certificate.Verify ());
            Console.WriteLine ("Element error status length: {0}", element.ChainElementStatus.Length);
            Console.WriteLine ("Element information: {0}", element.Information);
            Console.WriteLine ("Number of element extensions: {0}{1}", element.Certificate.Extensions.Count, Environment.NewLine);

            if (ch.ChainStatus.Length > 1)
            {
                for (int index = 0; index < element.ChainElementStatus.Length; index++)
                {
                    Console.WriteLine (element.ChainElementStatus[index].Status);
                    Console.WriteLine (element.ChainElementStatus[index].StatusInformation);
                }
            }
        }
        store.Close();
    }
}
Imports System
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates
Imports System.IO

Class TestX509Chain

    Shared Sub Main(ByVal args() As String)
        'Create new X509 store from local certificate store.
        Dim store As New X509Store("MY", StoreLocation.CurrentUser)
        store.Open(OpenFlags.OpenExistingOnly Or OpenFlags.ReadWrite)

        'Output store information.
        Console.WriteLine("Store Information")
        Console.WriteLine("Number of certificates in the store: {0}", store.Certificates.Count)
        Console.WriteLine("Store location: {0}", store.Location)
        Console.WriteLine("Store name: {0} {1}", store.Name, Environment.NewLine)

        'Put certificates from the store into a collection so user can select one.
        Dim fcollection As X509Certificate2Collection = CType(store.Certificates, X509Certificate2Collection)
        Dim collection As X509Certificate2Collection = X509Certificate2UI.SelectFromCollection(fcollection, "Select an X509 Certificate", "Choose a certificate to examine.", X509SelectionFlag.SingleSelection)
        Dim certificate As X509Certificate2 = collection(0)
        X509Certificate2UI.DisplayCertificate(certificate)

        'Output chain information of the selected certificate.
        Dim ch As New X509Chain()
        ch.ChainPolicy.RevocationMode = X509RevocationMode.Online
        ch.Build(certificate)
        Console.WriteLine("Chain Information")
        Console.WriteLine("Chain revocation flag: {0}", ch.ChainPolicy.RevocationFlag)
        Console.WriteLine("Chain revocation mode: {0}", ch.ChainPolicy.RevocationMode)
        Console.WriteLine("Chain verification flag: {0}", ch.ChainPolicy.VerificationFlags)
        Console.WriteLine("Chain verification time: {0}", ch.ChainPolicy.VerificationTime)
        Console.WriteLine("Chain status length: {0}", ch.ChainStatus.Length)
        Console.WriteLine("Chain application policy count: {0}", ch.ChainPolicy.ApplicationPolicy.Count)
        Console.WriteLine("Chain certificate policy count: {0} {1}", ch.ChainPolicy.CertificatePolicy.Count, Environment.NewLine)

        'Output chain element information.
        Console.WriteLine("Chain Element Information")
        Console.WriteLine("Number of chain elements: {0}", ch.ChainElements.Count)
        Console.WriteLine("Chain elements synchronized? {0} {1}", ch.ChainElements.IsSynchronized, Environment.NewLine)

        Dim element As X509ChainElement
        For Each element In ch.ChainElements
            Console.WriteLine("Element issuer name: {0}", element.Certificate.Issuer)
            Console.WriteLine("Element certificate valid until: {0}", element.Certificate.NotAfter)
            Console.WriteLine("Element certificate is valid: {0}", element.Certificate.Verify())
            Console.WriteLine("Element error status length: {0}", element.ChainElementStatus.Length)
            Console.WriteLine("Element information: {0}", element.Information)
            Console.WriteLine("Number of element extensions: {0}{1}", element.Certificate.Extensions.Count, Environment.NewLine)

            If ch.ChainStatus.Length > 1 Then
                Dim index As Integer
                For index = 0 To element.ChainElementStatus.Length - 1
                    Console.WriteLine(element.ChainElementStatus(index).Status)
                    Console.WriteLine(element.ChainElementStatus(index).StatusInformation)
                Next index
            End If
        Next element
        store.Close()
    End Sub
End Class

Remarks

The X509Chain object has a global error status called ChainStatus that should be used for certificate validation. The rules governing certificate validation are complex, and it is easy to oversimplify the validation logic by ignoring the error status of one or more of the elements involved. The global error status takes into consideration the status of each element in the chain.

Important

Starting with the .NET Framework 4.6, this type implements the IDisposable interface. When you have finished using the type, you should dispose of it either directly or indirectly. To dispose of the type directly, call its Dispose method in a try/catch block. To dispose of it indirectly, use a language construct such as using (in C#) or Using (in Visual Basic). For more information, see the "Using an Object that Implements IDisposable" section in the IDisposable interface topic.

For apps that target the .NET Framework 4.5.2 and earlier versions, the X509Chain class does not implement the IDisposable interface and therefore does not have a Dispose method.
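The two points above (decide on the global ChainStatus, and dispose of the chain) combined in one validation helper. This is an added example, not code from the original page: the IsTrusted helper and the throwaway self-signed certificate are hypothetical, and CertificateRequest assumes .NET Framework 4.7.2 or later, or .NET Core 2.0 or later.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class ChainValidationExample
{
    // Hypothetical helper: returns true only when the whole chain is clean.
    static bool IsTrusted(X509Certificate2 cert, out X509ChainStatusFlags errors)
    {
        // X509Chain is IDisposable from .NET Framework 4.6 onward.
        using (var chain = new X509Chain())
        {
            chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
            chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
            chain.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag;
            chain.ChainPolicy.UrlRetrievalTimeout = TimeSpan.FromSeconds(10);

            bool built = chain.Build(cert);

            // Fold the global ChainStatus into one flags value; it already
            // takes the status of every element in the chain into account.
            errors = X509ChainStatusFlags.NoError;
            foreach (X509ChainStatus status in chain.ChainStatus)
                errors |= status.Status;

            // Per-element detail is for diagnostics only, not for the decision.
            foreach (X509ChainElement element in chain.ChainElements)
                foreach (X509ChainStatus s in element.ChainElementStatus)
                    Console.WriteLine("{0}: {1} {2}", element.Certificate.Subject, s.Status, s.StatusInformation);

            // Fail closed: Build and ChainStatus must both report no problem.
            return built && errors == X509ChainStatusFlags.NoError;
        }
    }

    static void Main()
    {
        // Constructed sample input: a throwaway self-signed certificate.
        using (RSA key = RSA.Create(2048))
        {
            var request = new CertificateRequest("CN=constructed-example", key,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            using (X509Certificate2 cert = request.CreateSelfSigned(
                DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(30)))
            {
                X509ChainStatusFlags errors;
                bool trusted = IsTrusted(cert, out errors);
                Console.WriteLine("Trusted: {0}, chain errors: {1}", trusted, errors);
            }
        }
    }
}
```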

Constructors

X509Chain()

Initializes a new instance of the X509Chain class.

X509Chain(Boolean)

Initializes a new instance of the X509Chain class specifying a value that indicates whether the machine context should be used.

X509Chain(IntPtr)

Initializes a new instance of the X509Chain class using an IntPtr handle to an X.509 chain.

Properties

ChainContext

Gets a handle to an X.509 chain.

ChainElements

Gets a collection of X509ChainElement objects.

ChainPolicy

Gets or sets the X509ChainPolicy to use when building an X.509 certificate chain.

ChainStatus

Gets the status of each element in an X509Chain object.

SafeHandle

Gets a safe handle for this X509Chain instance.

Methods

Build(X509Certificate2)

Builds an X.509 chain using the policy specified in X509ChainPolicy.

Create()

Creates an X509Chain object after querying for the mapping defined in the CryptoConfig file, and maps the chain to that mapping.

Dispose()

Releases all of the resources used by this X509Chain.

Dispose(Boolean)

Releases the unmanaged resources used by this X509Chain, and optionally releases the managed resources.

Equals(Object)

Determines whether the specified object is equal to the current object.

(Inherited from Object)

Finalize()

GetHashCode()

Serves as the default hash function.

(Inherited from Object)

GetType()

Gets the Type of the current instance.

(Inherited from Object)

MemberwiseClone()

Creates a shallow copy of the current Object.

(Inherited from Object)

Reset()

Clears the current X509Chain object.

ToString()

Returns a string that represents the current object.

(Inherited from Object)

Applies to