使CRL缓存无效

Question

有没有办法立即使CRL(证书吊销列表)缓存无效,导致客户端再次下载CRL？

我想在C#中实现它,而无需使用命令行'certutil.exe'.

更好的是能够设置失效时间(如UtcNow + 12hours)

Answer 1

我知道您不想使用certutil.exe，但这样您就可以在应用程序中运行它，而不会显示 cmd 窗口（如果您不想要的话）。

public bool ClearCRLCache()
{
    var pw = new ProcessWrapper();
    var result = pw.Start("certutil.exe", "-urlcache * delete");
    // -2147024637 is the exitcode when the urlcache is empty
    return (result == 0 || result == -2147024637);
}

ProcessWrapper 类：

public class ProcessWrapper
{
    /// <summary>
    /// Output from stderr
    /// </summary>
    public string StdErr { get; private set; }

    /// <summary>
    /// Output from stdout
    /// </summary>
    public string StdOut { get; private set; }

    /// <summary>
    /// Starts a process
    /// </summary>
    /// <param name="command">Executable filename</param>
    /// <returns>Process exitcode</returns>
    public int Start(string command)
    {
        return Start(command, "");
    }

    /// <summary>
    /// Starts a process with commandline arguments
    /// </summary>
    /// <param name="command">Executable filename</param>
    /// <param name="arguments">Commanline arguments for the process</param>
    /// <returns>Process exitcode</returns>
    public int Start(string command, string arguments)
    {
        return Start(command, arguments, "");
    }

    /// <summary>
    /// Starts a process with commandline arguments and working directory
    /// </summary>
    /// <param name="command">Executable filename</param>
    /// <param name="arguments">Commanline arguments for the process</param>
    /// <param name="workingDirectory">Working directory for the process</param>
    /// <returns>Process exitcode</returns>
    public int Start(string command, string arguments, string workingDirectory)
    {
        StdErr = "";
        StdOut = "";
        var proc = new Process();
        proc.StartInfo.FileName = command;
        proc.StartInfo.Arguments = arguments;
        proc.StartInfo.WorkingDirectory = workingDirectory;
        proc.StartInfo.UseShellExecute = false;
        proc.StartInfo.RedirectStandardOutput = true;
        proc.StartInfo.RedirectStandardError = true;
        proc.EnableRaisingEvents = true;
        proc.StartInfo.CreateNoWindow = true;

        // Write messages from stderr to StdErr property
        proc.ErrorDataReceived += (sender, e) =>
        {
            StdErr += e.Data + Environment.NewLine;
        };

        // Write messages from stdout to StdOut property
        proc.OutputDataReceived += (sender, e) =>
        {
            StdOut += e.Data + Environment.NewLine;
        };

        proc.Start();

        proc.BeginErrorReadLine();
        proc.BeginOutputReadLine();

        proc.WaitForExit();
        return proc.ExitCode;
    }
}