jgoyvaerts
commented
6 years ago @fretje did you ever get an answer/solution to this? I have the exact same questions as you
Open fretje opened 7 years ago
jgoyvaerts
commented
6 years ago @fretje did you ever get an answer/solution to this? I have the exact same questions as you
fretje
commented
6 years ago Nope, I'm sorry... as you see, I never got an answer... it seems this project is not being maintained...
As far as I remember, I got it to work if I removed the thumbprint checks... but the question is, how secure is it then? This was for a pet project which never got deployed "into the wild"... ;-)
I am trying to get this project working on my machine locally, and after installing the 4 belgian root certificates in my trusted root ca store, at least I hit a breakpoint in the "ValidateX509Certificate" method. But I don't seem te get past that.
(I am trying with my own valid belgian ID card.)
At first the chain.Build method always returned false with a status of "A certificate chain could not be built to a trusted root authority.", and ChainElements only contained one element, being my own ID certificate.
It is only after installing the specific intermediate Citizen CA certificate for my id card in my trusted root ca store that I got past that. Well, the chain.Build method still returns false with a status of "The revocation function was unable to check revocation for the certificate.", but at least now ChainElements contains 4 elements.
The problem is now with the checking of the thumbprints though:
My Citizen CA has another thumbprint, but even none of the 4 belgium root certificates that I have installed (the ones you link to in the readme file) have that second thumbprint you are checking there.
So actually I have 2 issues: