<certificateReference>
Specifies settings for X.509 certificate validation. A secure Windows Communication Foundation (WCF) client that connects to an endpoint with this identity verifies that the claims presented by the server contain the identity claim used to construct this identity.
Schema Hierarchy
<identity>
<certificateReference>
Syntax
<certificateReference
findValue="String"
isChainIncluded="Boolean"
storeName="AddressBook/AuthRoot/CertificateAuthority/Disallowed/My/Root/TrustedPeople/TrustedPublisher"storeName="
storeLocation="LocalMachine/CurrentUser"
X509FindType="FindByThumbPrint/FindBySubjectName/FindBySubjectDistinguishedName/FindByIssuerName/FindByIssuerDistinguishedName/FindBySerialNumber/FindByTimeValid/FindByTimeNotYetValid/FindByTemplateName/FindByApplicationPolicy/FindByCertificatePolicy/FindByExtension/FindByKeyUsage/FindBySubjectKeyIdentifier"
</certificateReference>
Attributes and Elements
The following sections describe attributes, child elements, and parent elements.
Attributes
Attribute | Description |
---|---|
findValue |
Specifies the value to search for in the X.509 certificate store. The type contained in this attribute must satisfy the requirements of the specified X509FindType value. The default is an empty string. |
isChainIncluded |
A Boolean value that specifies if the validation is done using a certificate chain. |
storeLocation |
Specifies the location of the certificate store that the client can use to validate the server’s certificate. Valid values include the following:
The default value is LocalMachine. This attribute is of type StoreLocation. |
storeName |
Specifies the name of the X.509 certificate store to open. Valid values include the following:
The default value is My. This attribute is of type StoreName. |
X509FindType |
Specifies the type of X.509 search to be executed. The type contained in the findValue attribute must satisfy the requirements of the specified X509FindType. Valid values include the following:
The default value is FindBySubjectDistinguishedName. This attribute is of type X509FindType. |
Child Elements
None.
Parent Elements
Element | Description |
---|---|
Specifies settings that enable the authentication of an endpoint by other endpoints exchanging messages with it. |
See Also
Reference
CertificateReferenceElement
IdentityElement
EndpointAddress
Identity