Re: Checking for certificate revocation

From: Chris Williamson (catharticmomentusenet_at_yahoo.co.uk)
Date: 12/07/04


Date: 7 Dec 2004 04:26:54 -0800

Hi,

Our network people have just confirmed that the reply from Thawte is
being blocked by our firewall, hence the request times out, delaying
loading of the dialog containg the 3rd party component.

That still leaves me wondering. Why does the certificate need to be
checked at all?

It seems very odd that whereas the .NET runtime will quite happily load
up a component without any certificate attached from the local hard
drive (as well as native code and other such security nasties), if a
certificate is present then it must be checked before the code can be
trusted. Is this standard .NET behaviour, or something that must have
been added by the component authors?

Any insight into what is going on, or how to disable certificate
checking for the component would be appreciated.
Thanks,

         Chris



Relevant Pages

  • Re: Checking for certificate revocation
    ... loading of the dialog containg the 3rd party component. ... Why does the certificate need to be ... It seems very odd that whereas the .NET runtime will quite happily load ... drive (as well as native code and other such security nasties), ...
    (microsoft.public.dotnet.security)
  • Re: SSL on CF ( Trust Failure )
    ... no. I've done certificate validation using the Crypto API ... (native code), generally, and that seems to work for me. ... "CheckValidation" method of policy class. ...
    (microsoft.public.dotnet.framework.compactframework)
  • CERTCA Web Sote Broken!
    ... certificate on my IIS server and encountered an infinite loop of page ... loading and Downloading Activex control. ... A message box saying "Downloading ActiveX control". ...
    (microsoft.public.win2000.security)
  • MS SectTest site not working...
    ... certificate on my IIS server and encountered an infinite loop of page ... loading and Downloading Activex control. ... A message box saying "Downloading ActiveX control". ...
    (microsoft.public.inetserver.iis.security)
  • using p12 Certificate - converting to x509 What am I doing wrong?
    ... I am trying to use a p12 certificate to access a secure site. ... I am loading in the certificate then converting it to a x509 cert. ...
    (microsoft.public.dotnet.security)