How to use current datetime for FindByTimeValid value in WCF ServiceCertificate config
How do I use current date & time as the value for the findValue attribute in the ServiceCertificate config when using "FindByTimeValid" for the x509FindType? Using DateTime.Now as bel开发者_C百科ow obiously doesn't work but neither does "2010-10-20 14:35:28Z". I have two certificates on the server with the same details as one of them has expired which is why I'm using this find type value.
For example:
<serviceCredentials>
<serviceCertificate findValue="DateTime.Now" x509FindType="FindByTimeValid" storeLocation="LocalMachine" storeName="My"/>
</serviceCredentials>
Edit: I fixed this by removing the expired certificate but I'm still curious if this is possible.
Thanks
Keith
As no-one seems slightly interested in this question (2 views in a month and I think at least one of them was me) I decided to break out Reflector and have a look at the process and have found the following.
In the X509Certificate2Collection.FindCertInStore(SafeCertStoreHandle safeSourceStoreHandle, X509FindType findType, object findValue, bool validOnly)
method of the System.ServiceModel assembly we have the following code
case X509FindType.FindByTimeValid:
if (findValue.GetType() != typeof(DateTime))
{
throw new CryptographicException(SR.GetString("Cryptography_X509_InvalidFindValue"));
}
As you can see from the signature the findValue comes in as an object which I think is in turn loaded by the config parser as a string which means this will never work.
So the answer is you can't do this though the xml config but you can if you do it programmatically.
精彩评论