diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2010-04-11 20:40:52 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2010-04-11 20:40:52 -0700 |
| commit | ab236cac214941ab2cd39a8e3019453e975304a5 (patch) | |
| tree | 1bcd4896d6f1f7eebecd77a01ae902fa65ce4b20 | |
| parent | af9ffb2d47e078acb3a1f2f845fd1924a37c4c3e (diff) | |
| download | DotNetOpenAuth-ab236cac214941ab2cd39a8e3019453e975304a5.zip DotNetOpenAuth-ab236cac214941ab2cd39a8e3019453e975304a5.tar.gz DotNetOpenAuth-ab236cac214941ab2cd39a8e3019453e975304a5.tar.bz2 | |
Added logging around certificate verification to try to find perf problem.
| -rw-r--r-- | src/DotNetOpenAuth/OpenId/HostMetaDiscoveryService.cs | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth/OpenId/HostMetaDiscoveryService.cs b/src/DotNetOpenAuth/OpenId/HostMetaDiscoveryService.cs index 27bc7ee..ba9852e 100644 --- a/src/DotNetOpenAuth/OpenId/HostMetaDiscoveryService.cs +++ b/src/DotNetOpenAuth/OpenId/HostMetaDiscoveryService.cs @@ -234,10 +234,13 @@ namespace DotNetOpenAuth.OpenId { // Verify that we trust the signer of the certificates. // Start by trying to validate just the certificate used to sign the XRDS document, // since we can do that with partial trust. + Logger.OpenId.Debug("Verifying that we trust the certificate used to sign the discovery document."); if (!certs[0].Verify()) { // We couldn't verify just the signing certificate, so try to verify the whole certificate chain. try { + Logger.OpenId.Debug("Verifying the whole certificate chain."); VerifyCertChain(certs); + Logger.OpenId.Debug("Certificate chain verified."); } catch (SecurityException) { Logger.Yadis.Warn("Signing certificate verification failed and we have insufficient code access security permissions to perform certificate chain validation."); ErrorUtilities.ThrowProtocol(OpenIdStrings.X509CertificateNotTrusted); |