X509CertificateValidator Class
.NET Framework 4.5
Validates an X.509 certificate.
System.Object
System.IdentityModel.Selectors.X509CertificateValidator
System.IdentityModel.Tokens.X509NTAuthChainTrustValidator
Namespace: System.IdentityModel.Selectors
Assembly: System.IdentityModel (in System.IdentityModel.dll)
The X509CertificateValidator type exposes the following members.
| Name | Description |
|---|---|
| X509CertificateValidator | Initializes a new instance of the X509CertificateValidator class. |

| Name | Description |
|---|---|
| ChainTrust | Gets a validator that validates the X.509 certificate using a trust chain. |
| None | Gets a validator that performs no validation on an X.509 certificate. As a result, an X.509 certificate is always considered to be valid. |
| PeerOrChainTrust | Gets a validator that verifies the certificate is in the TrustedPeople certificate store or by building a certificate trust chain. The certificate is trusted if it passes either verification method. |
| PeerTrust | Gets a validator that verifies the certificate is in the TrustedPeople certificate store. |

| Name | Description |
|---|---|
| CreateChainTrustValidator | Gets a validator that verifies the X.509 certificate by specifying the context and chain policy that is used to build and verify a trust chain. |
| CreatePeerOrChainTrustValidator | Gets a validator that verifies the certificate is in the TrustedPeople certificate store or by specifying the context and chain policy that is used to build a certificate trust chain. The certificate is trusted if it passes either verification method. |
| Equals(Object) | Determines whether the specified object is equal to the current object. (Inherited from Object.) |
| Finalize | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.) |
| GetHashCode | Serves as a hash function for a particular type. (Inherited from Object.) |
| GetType | Gets the Type of the current instance. (Inherited from Object.) |
| LoadCustomConfiguration | When overridden in a derived class, loads custom configuration from XML. |
| MemberwiseClone | Creates a shallow copy of the current Object. (Inherited from Object.) |
| ToString | Returns a string that represents the current object. (Inherited from Object.) |
| Validate | When overridden in a derived class, validates the X.509 certificate. |
Use the X509CertificateValidator class to specify how an X.509 certificate is deemed valid. This can be done by deriving a class from X509CertificateValidator and overriding the Validate method.
```csharp
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;

public class MyX509CertificateValidator : X509CertificateValidator
{
    string allowedIssuerName;

    public MyX509CertificateValidator(string allowedIssuerName)
    {
        if (allowedIssuerName == null)
        {
            throw new ArgumentNullException("allowedIssuerName");
        }

        this.allowedIssuerName = allowedIssuerName;
    }

    public override void Validate(X509Certificate2 certificate)
    {
        // Check that there is a certificate.
        if (certificate == null)
        {
            throw new ArgumentNullException("certificate");
        }

        // Check that the certificate issuer matches the configured issuer.
        if (allowedIssuerName != certificate.IssuerName.Name)
        {
            throw new SecurityTokenValidationException
              ("Certificate was not issued by a trusted issuer");
        }
    }
}
```
Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
