Our application currently validates server certificates in unmanaged code using OpenSSL (http://www.openssl.org/docs/crypto/X509_verify_cert.html). We are moving that into managed code. I have the X509 certificate being marshalled over into the managed side, but how do I validate that certificate in C#?
a) Is there a simple way to validate that certificate against the currently installed trusted roots?
b) If not, what is the manual process to validate? Is it documented somewhere?
I've explored the classes in Mono.Security.X509, which gives me tools to work with certificates and stores, but I'm having trouble connecting the dots.
EDIT: I added my ultimate solution below. I would welcome further feedback on the approach.