
X509CertificateValidator Class

Validates an X.509 certificate.

System.Object
  System.IdentityModel.Selectors.X509CertificateValidator
    System.IdentityModel.Tokens.X509NTAuthChainTrustValidator

Namespace:  System.IdentityModel.Selectors
Assembly:  System.IdentityModel (in System.IdentityModel.dll)

public abstract class X509CertificateValidator : ICustomIdentityConfiguration

The X509CertificateValidator type exposes the following members.

X509CertificateValidator (protected method): Initializes a new instance of the X509CertificateValidator class.

ChainTrust (public static property): Gets a validator that validates the X.509 certificate using a trust chain.
None (public static property): Gets a validator that performs no validation on an X.509 certificate. As a result, an X.509 certificate is always considered to be valid.
PeerOrChainTrust (public static property): Gets a validator that verifies the certificate is in the TrustedPeople certificate store or by building a certificate trust chain. The certificate is trusted if it passes either verification method.
PeerTrust (public static property): Gets a validator that verifies the certificate is in the TrustedPeople certificate store.

CreateChainTrustValidator (public static method): Gets a validator that verifies the X.509 certificate by specifying the context and chain policy that is used to build and verify a trust chain.
CreatePeerOrChainTrustValidator (public static method): Gets a validator that verifies the certificate is in the TrustedPeople certificate store or by specifying the context and chain policy that is used to build a certificate trust chain. The certificate is trusted if it passes either verification method.
Equals(Object) (public method): Determines whether the specified object is equal to the current object. (Inherited from Object.)
Finalize (protected method): Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
GetHashCode (public method): Serves as the default hash function. (Inherited from Object.)
GetType (public method): Gets the Type of the current instance. (Inherited from Object.)
LoadCustomConfiguration (public method): When overridden in a derived class, loads custom configuration from XML.
MemberwiseClone (protected method): Creates a shallow copy of the current Object. (Inherited from Object.)
ToString (public method): Returns a string that represents the current object. (Inherited from Object.)
Validate (public method): When overridden in a derived class, validates the X.509 certificate.

Use the X509CertificateValidator class to specify how an X.509 certificate is deemed valid. This can be done by deriving a class from X509CertificateValidator and overriding the Validate method.

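using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;

public class MyX509CertificateValidator : X509CertificateValidator
{
    // Issuer distinguished name that certificates must carry to be accepted.
    string allowedIssuerName;

    public MyX509CertificateValidator(string allowedIssuerName)
    {
        if (allowedIssuerName == null)
        {
            throw new ArgumentNullException("allowedIssuerName");
        }

        this.allowedIssuerName = allowedIssuerName;
    }

    public override void Validate(X509Certificate2 certificate)
    {
        // Check that there is a certificate.
        if (certificate == null)
        {
            throw new ArgumentNullException("certificate");
        }

        // Check that the certificate issuer matches the configured issuer.
        // This compares the issuer name field only; it does not build a trust
        // chain or verify the issuer's signature on the certificate.
        if (allowedIssuerName != certificate.IssuerName.Name)
        {
            throw new SecurityTokenValidationException
              ("Certificate was not issued by a trusted issuer");
        }
    }
}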
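
The following is an added example, not part of the original page: it combines the issuer check above with the chain trust validator returned by CreateChainTrustValidator, so the issuer name is only compared after the certificate has chained to a trusted root. The class name ChainAndIssuerValidator and the chain policy values are assumptions chosen for illustration.

```csharp
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;

// Hypothetical class name, chosen for this added example.
public class ChainAndIssuerValidator : X509CertificateValidator
{
    private readonly string allowedIssuerName;
    private readonly X509CertificateValidator chainValidator;

    public ChainAndIssuerValidator(string allowedIssuerName)
    {
        if (allowedIssuerName == null)
        {
            throw new ArgumentNullException("allowedIssuerName");
        }
        this.allowedIssuerName = allowedIssuerName;

        // Assumed policy: check revocation online for every certificate in
        // the chain and tolerate no verification errors.
        X509ChainPolicy policy = new X509ChainPolicy();
        policy.RevocationMode = X509RevocationMode.Online;
        policy.RevocationFlag = X509RevocationFlag.EntireChain;
        policy.VerificationFlags = X509VerificationFlags.NoFlag;

        // true = build the chain in the machine context rather than the user context.
        chainValidator = X509CertificateValidator.CreateChainTrustValidator(true, policy);
    }

    public override void Validate(X509Certificate2 certificate)
    {
        if (certificate == null)
        {
            throw new ArgumentNullException("certificate");
        }

        // Step 1: chain trust. Throws if a valid chain cannot be built.
        chainValidator.Validate(certificate);

        // Step 2: restrict the validated certificate to the configured issuer.
        if (!string.Equals(allowedIssuerName, certificate.IssuerName.Name, StringComparison.Ordinal))
        {
            throw new SecurityTokenValidationException(
                "Certificate was not issued by a trusted issuer");
        }
    }
}
```

The configured issuer string must match the distinguished name exactly as IssuerName.Name renders it, including component order and spacing.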

.NET Framework

Supported in: 4.6, 4.5, 4, 3.5, 3.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
© 2014 Microsoft