X509CertificateValidator Class

.NET Framework Class Library

Validates an X.509 certificate.

Namespace:  System.IdentityModel.Selectors
Assembly:  System.IdentityModel (in System.IdentityModel.dll)

Syntax

---

Visual Basic (Declaration)

Public MustInherit Class X509CertificateValidator

Visual Basic (Usage)

Dim instance As X509CertificateValidator

C#

public abstract class X509CertificateValidator

Visual C++

public ref class X509CertificateValidator abstract

JScript

public abstract class X509CertificateValidator

Remarks

---

Use the X509CertificateValidator class to specify how an X.509 certificate is deemed valid. This can be done using by deriving a class from X509CertificateValidator and overriding the Validate method.

Examples

---

Visual Basic

Public Class MyX509CertificateValidator
    Inherits X509CertificateValidator
    Private allowedIssuerName As String

    Public Sub New(ByVal allowedIssuerName As String)
        If allowedIssuerName Is Nothing Then
            Throw New ArgumentNullException("allowedIssuerName")
        End If

        Me.allowedIssuerName = allowedIssuerName

    End Sub 'New

    Public Overrides Sub Validate(ByVal certificate As X509Certificate2)
        ' Check that there is a certificate.
        If certificate Is Nothing Then
            Throw New ArgumentNullException("certificate")
        End If

        ' Check that the certificate issuer matches the configured issuer
        If allowedIssuerName <> certificate.IssuerName.Name Then
            Throw New SecurityTokenValidationException("Certificate was not issued by a trusted issuer")
        End If

    End Sub 'Validate
End Class 'MyX509CertificateValidator

C#

public class MyX509CertificateValidator : X509CertificateValidator
{
    string allowedIssuerName;
    public MyX509CertificateValidator(string allowedIssuerName)
    {
        if (allowedIssuerName == null)
        {
            throw new ArgumentNullException("allowedIssuerName");
        }

        this.allowedIssuerName = allowedIssuerName;
    }
    public override void Validate(X509Certificate2 certificate)
    {
        // Check that there is a certificate.
        if (certificate == null)
        {
            throw new ArgumentNullException("certificate");
        }

        // Check that the certificate issuer matches the configured issuer
        if (allowedIssuerName != certificate.IssuerName.Name)
        {
            throw new SecurityTokenValidationException
              ("Certificate was not issued by a trusted issuer");
        }
    }
}

Inheritance Hierarchy

---

System..::.Object
  System.IdentityModel.Selectors..::.X509CertificateValidator

Thread Safety

---

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Platforms

---

Windows 7, Windows Vista, Windows XP SP2, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Version Information

---

.NET Framework

Supported in: 3.5, 3.0

See Also

---

Reference

X509CertificateValidator Members

System.IdentityModel.Selectors Namespace