开发者

How to use current datetime for FindByTimeValid value in WCF ServiceCertificate config

开发者 https://www.devze.com 2023-01-21 03:14 出处:网络
How do I use current date & time as the value for the findValue attribute in the ServiceCertificate config when using \"FindByTimeValid\" for the x509FindType? Using DateTime.Now as bel开发者_C百科

How do I use current date & time as the value for the findValue attribute in the ServiceCertificate config when using "FindByTimeValid" for the x509FindType? Using DateTime.Now as bel开发者_C百科ow obiously doesn't work but neither does "2010-10-20 14:35:28Z". I have two certificates on the server with the same details as one of them has expired which is why I'm using this find type value.

For example:

<serviceCredentials>
        <serviceCertificate findValue="DateTime.Now" x509FindType="FindByTimeValid" storeLocation="LocalMachine" storeName="My"/>
</serviceCredentials>

Edit: I fixed this by removing the expired certificate but I'm still curious if this is possible.

Thanks

Keith


As no-one seems slightly interested in this question (2 views in a month and I think at least one of them was me) I decided to break out Reflector and have a look at the process and have found the following.

In the X509Certificate2Collection.FindCertInStore(SafeCertStoreHandle safeSourceStoreHandle, X509FindType findType, object findValue, bool validOnly) method of the System.ServiceModel assembly we have the following code

case X509FindType.FindByTimeValid:
if (findValue.GetType() != typeof(DateTime))
{
    throw new CryptographicException(SR.GetString("Cryptography_X509_InvalidFindValue"));
}

As you can see from the signature the findValue comes in as an object which I think is in turn loaded by the config parser as a string which means this will never work.

So the answer is you can't do this though the xml config but you can if you do it programmatically.

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号