From 3eb0e163681403de44340253ce8ba8057677015a Mon Sep 17 00:00:00 2001
From: Klaus Fischer <klaus.fischer@eloware.com>
Date: Tue, 20 Sep 2022 14:27:33 +0200
Subject: [PATCH] Cleaned up

---
 FitConnect/Encryption/CertificateHelper.cs | 10 ++++------
 IntegrationTests/CertificateValidation.cs  |  4 +++-
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/FitConnect/Encryption/CertificateHelper.cs b/FitConnect/Encryption/CertificateHelper.cs
index 7392d5f8..146b6792 100644
--- a/FitConnect/Encryption/CertificateHelper.cs
+++ b/FitConnect/Encryption/CertificateHelper.cs
@@ -37,18 +37,16 @@ public class CertificateHelper {
             certificateChain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
             certificateChain.ChainPolicy.CustomTrustStore.AddRange(rootCertificate);
             certificateChain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
-            certificateChain.ChainPolicy.RevocationFlag = X509RevocationFlag.EndCertificateOnly;
+            certificateChain.ChainPolicy.RevocationFlag = X509RevocationFlag.EntireChain;
             certificateChain.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag;
             _logger?.LogDebug("Using custom root certificate");
         }
         else {
-            certificateChain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
+            certificateChain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
             certificateChain.ChainPolicy.RevocationFlag = X509RevocationFlag.EntireChain;
-            certificateChain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllFlags;
-            certificateChain.ChainPolicy.DisableCertificateDownloads = false;
+            certificateChain.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag;
         }
-
-
+        
         var result = certificateChain.Build(certificate);
 
         chainStatus = certificateChain.ChainStatus
diff --git a/IntegrationTests/CertificateValidation.cs b/IntegrationTests/CertificateValidation.cs
index 7faae324..e92ba81b 100644
--- a/IntegrationTests/CertificateValidation.cs
+++ b/IntegrationTests/CertificateValidation.cs
@@ -117,7 +117,9 @@ public class CertificateValidation {
     public void TestDvdvCertificate() {
         var content = File.ReadAllText("./certificates/valid_dvdv.json");
         var jwk = new JsonWebKey(content);
-        var result = _certificateHelper.ValidateCertificate(jwk);
+        var result = _certificateHelper.ValidateCertificate(jwk, LogLevel.Error, Directory
+            .GetFiles("./certificates/roots")
+            .Select(file => new X509Certificate2(file)).ToArray());
         result.Should().BeTrue();
     }
 
-- 
GitLab