X509CertificateValidator Class

 

Validates an X.509 certificate.

Namespace:   System.IdentityModel.Selectors
Assembly:  System.IdentityModel (in System.IdentityModel.dll)

System.Object
  System.IdentityModel.Selectors.X509CertificateValidator
    System.IdentityModel.Tokens.X509NTAuthChainTrustValidator

public abstract class X509CertificateValidator : ICustomIdentityConfiguration

NameDescription
System_CAPS_protmethodX509CertificateValidator()

Initializes a new instance of the X509CertificateValidator class.

NameDescription
System_CAPS_pubpropertySystem_CAPS_staticChainTrust

Gets a validator that validates the X.509 certificate using a trust chain.

System_CAPS_pubpropertySystem_CAPS_staticNone

Gets a validator that performs no validation on an X.509 certificate. As a result, an X.509 certificate is always considered to be valid.

System_CAPS_pubpropertySystem_CAPS_staticPeerOrChainTrust

Gets a validator that verifies the certificate is in the TrustedPeople certificate store or by building a certificate trust chain. The certificate is trusted if it passes either verification method.

System_CAPS_pubpropertySystem_CAPS_staticPeerTrust

Gets a validator that verifies the certificate is in the TrustedPeople certificate store

NameDescription
System_CAPS_pubmethodSystem_CAPS_staticCreateChainTrustValidator(Boolean, X509ChainPolicy)

Gets a validator that verifies the X.509 certificate by specifying the context and chain policy that is used to build and verify a trust chain.

System_CAPS_pubmethodSystem_CAPS_staticCreatePeerOrChainTrustValidator(Boolean, X509ChainPolicy)

Gets a validator that verifies the certificate is in the TrustedPeople certificate store or by specifying the context and chain policy that is used to build a certificate trust chain. The certificate is trusted if it passes either verification method.

System_CAPS_pubmethodEquals(Object)

Determines whether the specified object is equal to the current object.(Inherited from Object.)

System_CAPS_protmethodFinalize()

Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection.(Inherited from Object.)

System_CAPS_pubmethodGetHashCode()

Serves as the default hash function. (Inherited from Object.)

System_CAPS_pubmethodGetType()

Gets the Type of the current instance.(Inherited from Object.)

System_CAPS_pubmethodLoadCustomConfiguration(XmlNodeList)

When overridden in a derived class, loads custom configuration from XML.

System_CAPS_protmethodMemberwiseClone()

Creates a shallow copy of the current Object.(Inherited from Object.)

System_CAPS_pubmethodToString()

Returns a string that represents the current object.(Inherited from Object.)

System_CAPS_pubmethodValidate(X509Certificate2)

When overridden in a derived class, validates the X.509 certificate.

Use the X509CertificateValidator class to specify how an X.509 certificate is deemed valid. This can be done using by deriving a class from X509CertificateValidator and overriding the Validate method.

public class MyX509CertificateValidator : X509CertificateValidator
{
    string allowedIssuerName;
    public MyX509CertificateValidator(string allowedIssuerName)
    {
        if (allowedIssuerName == null)
        {
            throw new ArgumentNullException("allowedIssuerName");
        }

        this.allowedIssuerName = allowedIssuerName;
    }
    public override void Validate(X509Certificate2 certificate)
    {
        // Check that there is a certificate.
        if (certificate == null)
        {
            throw new ArgumentNullException("certificate");
        }

        // Check that the certificate issuer matches the configured issuer
        if (allowedIssuerName != certificate.IssuerName.Name)
        {
            throw new SecurityTokenValidationException
              ("Certificate was not issued by a trusted issuer");
        }
    }
}

.NET Framework
Available since 3.0

Any public static ( Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Return to top
Show: