Skip to content

Commit 185d185

Browse files
authored
Remove increment inside loop when validating intermediate CA (#4780)
This commit fixes a bug when validating an intermediate CA to remove the increment inside of the loop, since it is incremented outside the loop already. Don't check the certificate thumbprint against the CA thumbprint if it's already been found. Fixes #4717
1 parent e324c91 commit 185d185

File tree

1 file changed

+1
-3
lines changed

1 file changed

+1
-3
lines changed

src/Elasticsearch.Net/Connection/CertificateValidations.cs

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -119,12 +119,10 @@ X509RevocationMode revocationMode
119119
{
120120
var c = chain.ChainElements[i].Certificate.Thumbprint;
121121
var cPrivate = privateChain.ChainElements[i].Certificate.Thumbprint;
122-
if (c == ca.Thumbprint) found = true;
122+
if (!found && c == ca.Thumbprint) found = true;
123123

124124
//mis aligned certificate chain, return false so we do not accept this certificate
125125
if (c != cPrivate) return false;
126-
127-
i++;
128126
}
129127
return found;
130128
}

0 commit comments

Comments
 (0)