Gets or sets the certificate revocation mode for ChainTrust and PeerOrChainTrust X.509 certificate validation.
Assembly: System.ServiceModel (in System.ServiceModel.dll)
When using certificates, the system validates that the client certificate is not revoked, by checking that the client certificate is not in the revoked certificate list. This check can be performed either by checking online or by checking against a cached revocation list. Revocation checking can be turned off by setting this property to NoCheck.
For more information, see Working with Certificates.
The following code shows how to set this property.
' Create a service host. Dim httpUri As New Uri("http://localhost/Calculator") Dim sh As New ServiceHost(GetType(Calculator), httpUri) ' Create a binding that uses a certificate. Dim b As New WSHttpBinding(SecurityMode.Message) b.Security.Message.ClientCredentialType = _ MessageCredentialType.Certificate ' Get a reference to the authentication object. Dim myAuthProperties As X509ClientCertificateAuthentication = _ sh.Credentials.ClientCertificate.Authentication ' Configure ChainTrust with no revocation check. myAuthProperties.CertificateValidationMode = _ X509CertificateValidationMode.ChainTrust myAuthProperties.RevocationMode = X509RevocationMode.NoCheck
The property can also be set in a configuration file.
<serviceCredentials> <clientCertificate> <authentication certificateValidationMode='ChainTrust' revocationMode = 'NoCheck'/> </clientCertificate> </serviceCredentials>
Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.