CertificateChain Class
Namespace: System.Net.Security
Assembly: System.Net.Primitives.dll
Represents a chain of certificates that can be used to establish trust.
Introduction
The CertificateChain class is used in cryptography to represent a sequence of certificates that link a specific certificate back to a trusted root certificate. This chain is essential for validating the authenticity and trustworthiness of a digital certificate.
Syntax
```csharp
public sealed class CertificateChain
```
Remarks
A certificate chain is formed by a series of certificates in which each certificate, except for the last one, is signed by the next certificate in the chain (its issuer). The last certificate in the chain is typically a self-signed certificate from a trusted Certificate Authority (CA).
When a client or server receives a certificate, it must be validated. This validation process involves building and examining the certificate chain to ensure that the certificate can be trusted.
Constructors
| Name | Description |
|---|---|
| CertificateChain() | Initializes a new instance of the CertificateChain class. |
Properties
| Name | Description |
|---|---|
| ChainElements | Gets a collection of X509ChainElement objects that represent the certificates in the chain. |
| ChainPolicy | Gets or sets the policy for the certificate chain. |
| ChainStatus | Gets an array of X509ChainStatus objects that describe the status of the certificate chain. |
| FormattedChainStatus | Gets a formatted string representing the status of the certificate chain. |
| IsRooted | Gets a value indicating whether the certificate chain is rooted in a trusted certificate. |
| SafeHandle | Gets a handle to the underlying native object. |
Methods
| Name | Description |
|---|---|
| Build(X509Certificate2 certificate) | Builds a certificate chain for the specified certificate. |
| Dispose() | Releases all resources used by the CertificateChain. |
| Dispose(bool disposing) | Releases the unmanaged resources used by the CertificateChain and optionally releases the managed resources. |
Example
The following example demonstrates how to build and examine a certificate chain for a given certificate.
```csharp
// C# Example
using System;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

public class CertificateChainExample {
    public static void Main(string[] args) {
        // Load the certificate to validate; replace the path with your own file.
        // X509Certificate2 holds native resources, so dispose it when done.
        using (X509Certificate2 myCertificate = new X509Certificate2("path/to/your/certificate.cer"))
        using (CertificateChain chain = new CertificateChain()) {
            bool success = chain.Build(myCertificate);
            if (success) {
                Console.WriteLine("Certificate chain built successfully.");
                Console.WriteLine("Chain Status: {0}", chain.FormattedChainStatus);
                // List each certificate in the chain, starting from the one being validated.
                foreach (X509ChainElement element in chain.ChainElements) {
                    // Subject is already the distinguished-name string.
                    Console.WriteLine($"- {element.Certificate.Subject}");
                }
            }
            else {
                Console.WriteLine("Failed to build certificate chain.");
                Console.WriteLine("Chain Status: {0}", chain.FormattedChainStatus);
            }
        }
    }
}
```
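A fail-closed trust decision built from the members listed above, shown as an added example rather than code from the original documentation. `ChainTrustCheck` and `IsTrusted` are hypothetical names; the code assumes `ChainElements` is enumerable and that each `ChainStatus` entry exposes the standard `X509ChainStatus.Status` and `StatusInformation` members.

```csharp
using System;
using System.Linq;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

public static class ChainTrustCheck {
    // Hypothetical helper (not part of the documented API). It returns true only
    // when every check passes, so any failure or ambiguity rejects the certificate.
    public static bool IsTrusted(X509Certificate2 certificate, out string reason) {
        using (CertificateChain chain = new CertificateChain()) {
            if (!chain.Build(certificate)) {
                reason = "Build failed: " + chain.FormattedChainStatus;
                return false;
            }
            // A chain that builds but does not end in a trusted root proves nothing.
            if (!chain.IsRooted) {
                reason = "Chain is not rooted in a trusted certificate.";
                return false;
            }
            // Reject on any reported status flag other than NoError.
            string[] problems = chain.ChainStatus
                .Where(s => s.Status != X509ChainStatusFlags.NoError)
                .Select(s => s.Status + ": " + s.StatusInformation)
                .ToArray();
            if (problems.Length > 0) {
                reason = string.Join("; ", problems);
                return false;
            }
            // Sanity check of the linkage described in Remarks: each element's issuer
            // name must match the next element's subject. Not a signature check.
            X509ChainElement[] elements = chain.ChainElements.Cast<X509ChainElement>().ToArray();
            for (int i = 0; i < elements.Length - 1; i++) {
                if (elements[i].Certificate.Issuer != elements[i + 1].Certificate.Subject) {
                    reason = "Issuer/subject mismatch at chain element " + i;
                    return false;
                }
            }
            reason = "OK";
            return true;
        }
    }
}
```

Log `reason` on rejection so that an untrusted root, an expired certificate and a revocation failure can be told apart during triage.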