For a research project within my company I want to validate an HTTPS WebClient connection with a custom CA certificate, without permanently adding it to the system's CA list, or disabling validation altogether via the often seen examples for ServerCertificateValidationCallback {return true;}.
I have the CA public key in a .pem file and can load that, however even after hours of looking, I cannot find a way to use that for validating the connection with this certificate.
Just checking the name of the server with the certificate is a bit lame too.....
I imagined at least one of the following to be possible:
a) add the CA public cert to an 'in memory' only CA list
b) use the CA public cert directly in a 'validate' call
So far, no luck. Additionally, I wouldn't even be able to validate 'by hand' as many of the relevant elements for that are simply not being exported by the X509Certificate(2) classes.
Am I missing something?
If you don't mind third-party options, the PKIBlackbox package of our SecureBlackbox lets you perform flexible validation of certificate chains (including CRL and OCSP checking) and can work with certificates in files as well as Windows certificate storages and HSM certificate storages.
SecureBlackbox also includes a flexible HTTP/HTTPS client which doesn't depend on other implementations or libraries. SecureBlackbox can be used on .NET, Mono and more.
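
Option (b) from the question can also be done with the framework's own X509Chain class. The following is an added example, not code from the original thread or from SecureBlackbox. The file name custom-ca.pem and the URL https://internal.example/ are placeholders, and the example assumes the .pem file holds a self-signed root CA certificate that publishes no revocation data.

```csharp
using System;
using System.Linq;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

static class CustomCaValidation
{
    // Placeholder path: the question only says the CA certificate is in a .pem file.
    static readonly X509Certificate2 CustomCa = new X509Certificate2("custom-ca.pem");

    static bool Validate(object sender, X509Certificate cert, X509Chain ignored, SslPolicyErrors errors)
    {
        // A missing certificate or a host name mismatch is never acceptable;
        // only the chain error (unknown root) is re-evaluated below.
        if (cert == null || (errors & ~SslPolicyErrors.RemoteCertificateChainErrors) != 0)
            return false;

        using (var chain = new X509Chain())
        {
            // The CA is made available in memory only; nothing is installed in a store.
            chain.ChainPolicy.ExtraStore.Add(CustomCa);
            // Assumption: the private CA offers no CRL/OCSP endpoint.
            chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
            chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

            if (!chain.Build(new X509Certificate2(cert)))
                return false;

            // AllowUnknownCertificateAuthority lets ANY unknown root pass Build(),
            // so reject every remaining status except UntrustedRoot (expiry, partial chain, ...).
            if (chain.ChainStatus.Any(s => s.Status != X509ChainStatusFlags.UntrustedRoot))
                return false;

            // Finally require that the chain actually ends at our CA certificate.
            var root = chain.ChainElements[chain.ChainElements.Count - 1].Certificate;
            return root.RawData.SequenceEqual(CustomCa.RawData);
        }
    }

    static void Main()
    {
        ServicePointManager.ServerCertificateValidationCallback = Validate;
        using (var client = new WebClient())
            Console.WriteLine(client.DownloadString("https://internal.example/").Length);
    }
}
```

ServicePointManager.ServerCertificateValidationCallback applies to the whole process, so every WebClient and HttpWebRequest connection made by the application goes through this check.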