X509CertificateValidator.CreateChainTrustValidator Method

Gets a validator that verifies the X.509 certificate by specifying the context and chain policy that is used to build and verify a trust chain.

Namespace:  System.IdentityModel.Selectors
Assembly:  System.IdentityModel (in System.IdentityModel.dll)

public static X509CertificateValidator CreateChainTrustValidator(
	bool useMachineContext,
	X509ChainPolicy chainPolicy


Type: System.Boolean

true to use the machine context; false to use the current user context.

Type: System.Security.Cryptography.X509Certificates.X509ChainPolicy

An X509ChainPolicy that specifies the policy used to build and verify the trust chain.

Return Value

Type: System.IdentityModel.Selectors.X509CertificateValidator
A X509CertificateValidator that validates the X.509 certificate using a trust chain.

Use the CreateChainTrustValidator method instead of the ChainTrust property to specify the context or to set chain policy. Chain policy can be used to specify the Enhanced Key Usage (EKU) for which the chain should be validated, or specify revocation checking.

The return value for this static method can be supplied as a parameter to the constructors for the X509SecurityTokenAuthenticator class that take a validator.

.NET Framework

Supported in: 4.5.2, 4.5.1, 4.5, 4, 3.5, 3.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
© 2014 Microsoft