Find out if X509Certificate2 is revoked?

Question

How can I figure out if an X509Certificate2 has been revoked? I assume the Verify() method checks it, but it doesn't explicitly state it in the help. Does anybody know?

Also: does the Verify() check if the certificate is expired?

Answer 1

Have you tried using the X509Chain?

var chain = new X509Chain();
chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
chain.ChainPolicy.RevocationFlag = X509RevocationFlag.EntireChain;
chain.ChainPolicy.UrlRetrievalTimeout = new TimeSpan(1000);
chain.ChainPolicy.VerificationTime = DateTime.Now;
var elementValid = chain.Build (x509certificate);