How to verify X509 cert without importing root cert?
I opened an Issue on dotnet/corefx and they replied as follows: If AllowUnknownCertificateAuthority is the only flag set then chain.Build() will return true if The chain correctly terminated in a self-signed certificate (via ExtraStore, or searched persisted stores) None of the certificates are invalid per the requested revocation policy All of the certificates are valid … Read more