
ServicePointManager.ServerCertificateValidationCallback Property

Gets or sets the callback to validate a server certificate.

Namespace:  System.Net
Assembly:  System (in System.dll)
public static RemoteCertificateValidationCallback ServerCertificateValidationCallback { get; set; }

An application can set the ServerCertificateValidationCallback property to a method to use for custom validation by the client of the server certificate. When doing custom validation, the sender parameter passed to the RemoteCertificateValidationCallback can be a host string name or an object derived from WebRequest (HttpWebRequest, for example) depending on the CertificatePolicy property.

When custom validation is not used, the certificate name is compared with the host name used to create the request. For example, if Create(String) was passed a parameter of "https://www.contoso.com/default.html", the default behavior is for the client to check the certificate against www.contoso.com.
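The following is an added example, not part of the original documentation: a custom validation callback that keeps the default checks and tolerates an untrusted chain only for one test host whose certificate thumbprint is pinned. The host name `dev.contoso.test`, the thumbprint placeholder and the class and method names are assumptions made for illustration.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

static class PinnedDevCertificateValidation
{
    // Hypothetical values: the single test host allowed to present a self-signed
    // certificate, and a placeholder for that certificate's SHA-1 thumbprint (hex).
    // The placeholder can never match, so the check fails closed until it is replaced.
    const string DevHost = "dev.contoso.test";
    const string DevThumbprint = "<THUMBPRINT-OF-YOUR-TEST-CERTIFICATE>";

    public static void Install()
    {
        // The property is static: the callback is shared by every request
        // that goes through ServicePointManager, not just one connection.
        ServicePointManager.ServerCertificateValidationCallback = Validate;
    }

    static bool Validate(object sender, X509Certificate certificate,
                         X509Chain chain, SslPolicyErrors errors)
    {
        // The default checks (chain trust and host name) already passed.
        if (errors == SslPolicyErrors.None) return true;

        // A name mismatch or a missing certificate is never tolerated;
        // only an untrusted chain is considered further.
        if (errors != SslPolicyErrors.RemoteCertificateChainErrors) return false;
        if (certificate == null) return false;

        // Tolerate the untrusted chain only for the pinned test host.
        string host = HostFrom(sender);
        if (!string.Equals(host, DevHost, StringComparison.OrdinalIgnoreCase)) return false;

        // Accept only the exact certificate that was pinned.
        return string.Equals(certificate.GetCertHashString(), DevThumbprint,
                             StringComparison.OrdinalIgnoreCase);
    }

    // sender is either an HttpWebRequest or a host name string (see the remarks above).
    static string HostFrom(object sender)
    {
        HttpWebRequest request = sender as HttpWebRequest;
        if (request != null) return request.Address.Host;
        return sender as string; // null for any other sender type, which fails the host check
    }
}
```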

.NET Framework

Supported in: 4, 3.5, 3.0, 2.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Community Content
Why static?
It just hit me: why is it STATIC? Are you out of your minds? What if I want to manually verify that one tiny single connection within my huge multithreaded application? I've decompiled the 4.0 System.Net assembly and, christ, that does not even seem to have thread-local on its internal private backing field.

Please, could you confirm that this field is, or is not, simply global? I would really hate it if I had to synchronize and delay all other requests in the case described above.

Why did you make it static? It should be a property of a WebRequest or at most the WebClient, not global :(
Could not establish trust relationship for the SSL/TLS secure channel with authority
Returning true in this callback passes all certificates (including genuinely dodgy ones) and solves the WCF error above, commonly encountered in dev environments when using self-signed certificates to test Transport (SSL) security between client and server.

The always-return-true hack should be used with care and possibly within #if DEBUG || STAGING conditional statements to prevent it leaking out into a prod build.

The article linked below describes how to set up a certificate authority within the enterprise, which is useful and likely a prerequisite to use certificates within an organisation. Active Directory or Group Policy can distribute the root authority to client workstations.

http://technet.microsoft.com/en-us/library/cc875810.aspx