This documentation is archived and is not being maintained.

<peerAuthentication> Element

Specifies authentication options for peer-to-peer clients.

For more information about peer-to-peer programming, see Peer to Peer Networking.

<system.serviceModel>

  <behaviors>

    <endpointBehaviors>

      <behavior> of <endpointBehaviors>

        <clientCredentials>

          <peer> of <clientCredentials> Element


									
									<peerAuthentication
								
									
									customCertificateValidatorType = "namespace.typeName, [,AssemblyName] [,Version=version number] [,Culture=culture] [,PublicKeyToken=token]"
								
									
									certificateValidationMode = "ChainTrust/None/PeerTrust/PeerOrChainTrust/Custom"
								
									
									revocationMode="NoCheck/Online/Offline"
								
									
									trustedStoreLocation="CurrentUser/LocalMachine" 
								
									
									/>
								

The following sections describe attributes, child elements, and parent elements

Attributes

Attribute Description

customCertificateValidatorType

Optional string. A type and assembly used to validate a custom type. This attribute must be set when certificateValidationMode is set to Custom.

certifcateValidationMode

Optional enumeration. Specifies one of three modes used to validate credentials. If set to Custom, then a customCertificateValidator must also be supplied. The default is ChainTrust.

revocationMode

Optional enumeration. One of the modes used to check for a revoked certificate lists (CRL). The default is Online.

trustedStoreLocation

Optional enumeration. One of the two system store locations: LocalMachine or CurrentUser. This value is used when a service certificate is negotiated to the client. Validation is performed against the Trusted People store in the specified store location. The default is CurrentUser.

customCertificateValidatorType Attribute

Value Description

String

Specifies the type name and assembly and other data used to find the type. At minimum, a namespace and type name are required. Optional information includes: assembly name, version number, culture, and public key token.

certificateValidationMode Attribute

Value Description

Enumeration

One of the following values: None, PeerTrust, ChainTrust, PeerOrChainTrust, Custom. The default is ChainTrust.

For more information, see Working with Certificates.

revocationMode Attribute

Value Description

Enumeration

One of the following values: NoCheck, Online, Offline. The default is Online.

For more information, see Working with Certificates.

trustedStoreLocation Attribute

Value Description

Enumeration

One of the following values: LocalMachine or CurrentUser. The default is CurrentUser. If the client application is running under a system account then the certificate is typically under LocalMachine. If the client application is running under a user account then the certificate is typically in CurrentUser.

Child Elements

None.

Parent Elements

Element Description

<peer> of <clientCredentials> Element

Specifies a credential used for authenticating the client to a peer service.

Insert content here.

The <authentication> element corresponds to the X509PeerCertificateAuthentication class.

The following code sets the certificate validation mode to PeerOrChainTrust.

<behaviors>
 <endpointBehaviors>
  <behavior name="MyEndpointBehavior">
   <clientCredentials>
    <peer>
     <certificate findValue="www.contoso.com" 
                   storeLocation="LocalMachine"
                   x509FindType="FindByIssuerName" />
     <peerAuthentication 
          certificateValidationMode="PeerOrChainTrust" />
     <messageSenderAuthentication certificateValidationMode="None" />
    </peer>
   </clientCredentials>
  </behavior>
</endpointBehaviors>
Footer image

Send comments about this topic to Microsoft.
© Microsoft Corporation. All rights reserved.

Show: