X509CertificateValidator Class

 

Validates an X.509 certificate.

Namespace:   System.IdentityModel.Selectors
Assembly:  System.IdentityModel (in System.IdentityModel.dll)

System.Object
  System.IdentityModel.Selectors.X509CertificateValidator
    System.IdentityModel.Tokens.X509NTAuthChainTrustValidator

public abstract class X509CertificateValidator : ICustomIdentityConfiguration

NameDescription
System_CAPS_protmethodX509CertificateValidator()

Initializes a new instance of the X509CertificateValidator class.

NameDescription
System_CAPS_pubpropertySystem_CAPS_staticChainTrust

Gets a validator that validates the X.509 certificate using a trust chain.

System_CAPS_pubpropertySystem_CAPS_staticNone

Gets a validator that performs no validation on an X.509 certificate. As a result, an X.509 certificate is always considered to be valid.

System_CAPS_pubpropertySystem_CAPS_staticPeerOrChainTrust

Gets a validator that verifies the certificate is in the TrustedPeople certificate store or by building a certificate trust chain. The certificate is trusted if it passes either verification method.

System_CAPS_pubpropertySystem_CAPS_staticPeerTrust

Gets a validator that verifies the certificate is in the TrustedPeople certificate store

NameDescription
System_CAPS_pubmethodSystem_CAPS_staticCreateChainTrustValidator(Boolean, X509ChainPolicy)

Gets a validator that verifies the X.509 certificate by specifying the context and chain policy that is used to build and verify a trust chain.

System_CAPS_pubmethodSystem_CAPS_staticCreatePeerOrChainTrustValidator(Boolean, X509ChainPolicy)

Gets a validator that verifies the certificate is in the TrustedPeople certificate store or by specifying the context and chain policy that is used to build a certificate trust chain. The certificate is trusted if it passes either verification method.

System_CAPS_pubmethodEquals(Object)

Determines whether the specified object is equal to the current object.(Inherited from Object.)

System_CAPS_protmethodFinalize()

Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection.(Inherited from Object.)

System_CAPS_pubmethodGetHashCode()

Serves as the default hash function. (Inherited from Object.)

System_CAPS_pubmethodGetType()

Gets the Type of the current instance.(Inherited from Object.)

System_CAPS_pubmethodLoadCustomConfiguration(XmlNodeList)

When overridden in a derived class, loads custom configuration from XML.

System_CAPS_protmethodMemberwiseClone()

Creates a shallow copy of the current Object.(Inherited from Object.)

System_CAPS_pubmethodToString()

Returns a string that represents the current object.(Inherited from Object.)

System_CAPS_pubmethodValidate(X509Certificate2)

When overridden in a derived class, validates the X.509 certificate.

Use the X509CertificateValidator class to specify how an X.509 certificate is deemed valid. This can be done using by deriving a class from X509CertificateValidator and overriding the Validate method.

public class MyX509CertificateValidator : X509CertificateValidator
{
    string allowedIssuerName;
    public MyX509CertificateValidator(string allowedIssuerName)
    {
        if (allowedIssuerName == null)
        {
            throw new ArgumentNullException("allowedIssuerName");
        }

        this.allowedIssuerName = allowedIssuerName;
    }
    public override void Validate(X509Certificate2 certificate)
    {
        // Check that there is a certificate.
        if (certificate == null)
        {
            throw new ArgumentNullException("certificate");
        }

        // Check that the certificate issuer matches the configured issuer
        if (allowedIssuerName != certificate.IssuerName.Name)
        {
            throw new SecurityTokenValidationException
              ("Certificate was not issued by a trusted issuer");
        }
    }
}

.NET Framework
Available since 3.0

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Return to top
Show: