Is it safe to test the X509Certificate.Thumbprint property when you know an invalid certificate is safe?

by

Yes.

The thumbprint is a SHA1 hash of the certificate, and while not absolutely impossible, is extremely difficult to forge.

In technical terms, there are currently no known feasable second-preimage attacks on SHA1.

However, if in any doubt, you may store the whole certificate, perhaps using the fingerprint as a key. Then you can compare the whole certificate against your stored, trusted certificate.

More Related Contents:

  1. Associate a private key with the X509Certificate2 class in .net
  2. Could not establish trust relationship for SSL/TLS secure channel — SOAP
  3. Which TLS version was negotiated?
  4. How can I send emails through SSL SMTP with the .NET Framework?
  5. C# Ignore certificate errors?
  6. What exactly happens when I set LoadUserProfile of IIS pool?
  7. X509Certificate Constructor Exception
  8. Generate a self-signed certificate on the fly
  9. Enable SSL in Visual Studio
  10. Check ssl protocol, cipher & other properties in an asp.net mvc 4 application
  11. CryptographicException was unhandled: System cannot find the specified file
  12. How to set read permission on the private key file of X.509 certificate from .NET
  13. Debugging failing HTTPS WebRequest
  14. Can I reuse HttpWebRequest without disconnecting from the server?
  15. Is TLS 1.1 and TLS 1.2 enabled by default for .NET 4.5 and .NET 4.5.1?
  16. Best way to reverse a string
  17. Difference in months between two dates
  18. How to compare values of generic types?
  19. String interning in .Net Framework – What are the benefits and when to use interning
  20. Generate N random and unique numbers within a range
  21. Win32Exception Not enough storage is available to process this command
  22. Convert string to Color in C#
  23. WPF: The name does not exist in the namespace [duplicate]
  24. good Speech recognition API
  25. Input string was not in a correct format #2
  26. Convert string to hex-string in C#
  27. How to get the current date without the time?
  28. Why is processing a sorted array slower than an unsorted array?
  29. ServiceController permissions in Windows 7
  30. Why is a cast required for byte subtraction in C#? [duplicate]

Leave a Comment