<clientCertificate> of <clientCredentials> Element

Switch View

<clientCertificate>

Collapse All

Language Filter

This page is specific to

Microsoft Visual Studio 2008/.NET Framework 3.5

Other versions are also available for the following:

<clientCertificate> of <clientCredentials> Element

Defines an X.509 certificate used to authenticate a client to a service.

Schema Hierarchy

<system.serviceModel>
  <behaviors>
    <endpointBehaviors>
      <behavior> of <endpointBehaviors>
        <clientCredentials>
          <clientCertificate> of <clientCredentials> Element

Syntax

<clientCertificate findValue="String" 
    storeLocation="LocalMachine/CurrentUser"
    storeName="AddressBook/AuthRoot/CertificateAuthority/Disallowed/My/Root/TrustedPeople/TrustedPublisher"
X509FindType="FindByThumbPrint/FindBySubjectName/FindBySubjectDistinguishedName/FindByIssuerName/FindByIssuerDistinguishedName/FindBySerialNumber/FindByTimeValid/FindByTimeNotYetValid/FindByTemplateName/FindByApplicationPolicy/FindByCertificatePolicy/FindByExtension/FindByKeyUsage/FindBySubjectKeyIdentifier"
/>

Attributes and Elements

Attributes

Attribute	Description
findValue	A string that contains the value to search for in the X.509 certificate store. The type contained in the attribute must satisfy the requirements of the X509FindType attribute value. The default is an empty string.
storeLocation	Specifies the location of the X.509 certificate that the client uses to authenticate itself to the service. Valid values include the following: LocalMachine: the certificate store assigned to the local machine. CurrentUser: the certificate store assigned to the current user. The default is LocalMachine. This attribute is of type StoreLocation.
storeName	Specifies the name of the X.509 certificate store to search. Valid values include the following: AddressBook: Certificate store for other users. AuthRoot: Certificate store for third-party certificate authorities (CAs). CertificateAuthority: Certificate store for intermediate certificate authorities (CAs). Disallowed: Certificate store for revoked certificates. My: Certificate store for personal certificates. Root: Certificate store for trusted root certificate authorities (CAs). TrustedPeople: Certificate store for directly trusted people and resources. TrustedPublisher: Certificate store for directly trusted publishers. The default is My. This attribute is of type StoreName.
X509FindType	Defines the type of X.509 search to be executed. The type contained in the findValue attribute must satisfy the requirements of this attribute. Valid values include the following: FindByThumbPrint FindBySubjectName FindBySubjectDistinguishedName FindByIssuerName FindByIssuerDistinguishedName FindBySerialNumber FindByTimeValid FindByTimeNotYetValid FindByTemplateName FindByApplicationPolicy FindByCertificatePolicy FindByExtension FindByKeyUsage FindBySubjectKeyIdentifier The default value is FindBySubjectDistinguishedName. This attribute is of type X509FindType.

Child Elements

None.

Parent Elements

Element	Description
<clientCredentials>	Specifies the credentials used to authenticate the client to a service.

Remarks

This configuration element specifies the certificate used to authenticate the client with this element. For more information, see How to: Specify Client Credential Values.

Reference

ClientCredentialsElement
ClientCertificate
ClientCredentials
ClientCertificate
X509InitiatorCertificateServiceElement
X509CertificateInitiatorClientCredential

Other Resources

Security Behaviors in WCF
How to: Specify Client Credential Values
Securing Clients
Working with Certificates
Securing Services and Clients