Как запросить у OpenLDAP публичный сертификат шифрования и получить дату истечения срока действия из атрибута usercertificate;binary
Я пытаюсь создать «certificate explorer», который будет выполнять поиск на нашем сервере OpenLDAP по фильтру "cn=userinfo" и возвращать для публичного сертификата шифрования имя, адрес электронной почты и дату Valid To.
Мне удаётся получить CN и адрес электронной почты,
но не удаётся получить значение атрибута usercertificate;binary и разобрать его атрибуты.
Что я уже пробовал:
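try
{
    // Open an LDAP v3 connection to the directory and bind anonymously.
    // NOTE(review): the connection targets port 389 and nothing in the visible code enables
    // StartTLS or LDAPS, so the returned certificates travel unauthenticated and in clear
    // text. Whatever consumes them should validate each certificate's chain instead of
    // trusting the directory response as-is.
    Console.WriteLine("Attempting LDAP connection.");
    LdapDirectoryIdentifier ldi = new LdapDirectoryIdentifier("server.addr.org", 389);
    System.DirectoryServices.Protocols.LdapConnection ldapConnection =
        new System.DirectoryServices.Protocols.LdapConnection(ldi);
    Console.WriteLine("LdapConnection is created successfully.");

    ldapConnection.AuthType = AuthType.Anonymous;
    ldapConnection.SessionOptions.ProtocolVersion = 3;

    // If an authenticated (Basic) bind is needed later, load the bind DN and password from
    // configuration or a secret store; do not hard-code them here, not even in a comment.
    NetworkCredential nc = new NetworkCredential();
    ldapConnection.Bind(nc);
    Console.WriteLine("LdapConnection anonymous authentication successfull");

    // Escape the characters that have structural meaning in an LDAP filter (RFC 4515) so
    // that searchString cannot close the (cn=...) term and append clauses of its own.
    // The backslash is replaced first; otherwise the escapes added afterwards would be
    // escaped a second time. '*' is deliberately left alone so that substring searches
    // such as (cn=*me*) keep working; escape it as \2a too if the input must only ever
    // match literally.
    string escapedSearch = (searchString ?? string.Empty)
        .Replace("\\", "\\5c")
        .Replace("(", "\\28")
        .Replace(")", "\\29")
        .Replace("\0", "\\00");

    // Subtree search under the organisation's base DN for entries whose cn matches.
    System.DirectoryServices.Protocols.SearchRequest srch =
        new System.DirectoryServices.Protocols.SearchRequest();
    srch.Filter = "(cn=" + escapedSearch + ")";
    srch.Scope = System.DirectoryServices.Protocols.SearchScope.Subtree;
    srch.DistinguishedName = "o=u.s. government, c=us";

    System.DirectoryServices.Protocols.SearchResponse response =
        (System.DirectoryServices.Protocols.SearchResponse)ldapConnection.SendRequest(srch);
    Console.WriteLine("Ldap search request sent");
    Console.WriteLine("Number of results: " + response.Entries.Count);

    foreach (System.DirectoryServices.Protocols.SearchResultEntry entry in response.Entries)
    {
        // Stop flag set elsewhere: release the connection and leave the loop.
        if (m_stop)
        {
            ldapConnection.Dispose();
            break;
        }

        DirectoryAttribute cn = entry.Attributes["cn"];
        DirectoryAttribute mailattr = entry.Attributes["mail"];

        // NOTE(review): fetched but never read in the visible code. The raw certificate
        // bytes can be obtained with binaryAttr.GetValues(typeof(byte[])) and handed to
        // System.Security.Cryptography.X509Certificates.X509Certificate2, whose NotAfter
        // property is the expiry date. Check binaryAttr for null first, since an entry
        // need not carry a certificate.
        DirectoryAttribute binaryAttr = entry.Attributes["usercertificate;binary"];

        if (mailattr != null)
        {
            Console.WriteLine("Mail count: " + mailattr.Count);
        }

        // The mail attribute is optional; email stays null when the entry has none.
        string email = null;
        string name = Convert.ToString(cn[0]);
        if (mailattr != null)
        {
            email = Convert.ToString(mailattr[0]);
        }

        Console.WriteLine("Name: " + name);
        Console.WriteLine("Email: " + email);

        if (email != null)
        {
            Console.WriteLine(mailattr.Name + "=" + email);
        }
        else
        {
            Console.WriteLine("No Email Attribute assigned");
        }

        // Report the matching directory entry to subscribers, with a placeholder text
        // when the entry has no mail attribute.
        if (FoundInfo != null && email != null)
        {
            FoundInfo(new FoundInfoEventArgs(name, email));
        }
        else if (FoundInfo != null)
        {
            FoundInfo(new FoundInfoEventArgs(name, "No Email in cert"));
        }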