Can you add System.Security.Cryptography.X509Certificates into whitelist. So it can be used to verify certificates.
System.Security.Cryptography.X509Certificates is required to verify if a certificate is revoked or not and also validate the certificate chain.
Hi Mohamed! You can validate a client certificate using context.Request.Certificate.Verify() which will check both its validity a revocation list. Does this address your scenario?
If I have my own CA certs how to verify it against that.