HttpListenerRequest.ClientCertificateError Property


Gets an error code that identifies a problem with the X509Certificate provided by the client.

Namespace:   System.Net
Assembly:  System (in System.dll)

public int ClientCertificateError { get; }

Property Value

Type: System.Int32

An Int32 value that contains a Windows error code.

Exception Condition

The client certificate has not been initialized yet by a call to the BeginGetClientCertificate or GetClientCertificate methods

-or -

The operation is still in progress.

This property contains a Windows error code returned by the Secure Channel (Schannel) Security Support Provider Interface (SSPI), which is used to validate the certificate. For more information about SSPI support for Schannel, see "Creating a Secure Connection Using Schannel" in the Security documentation at

The following code example checks this property to determine whether the request includes a valid client certificate.

Console.WriteLine("Listening for {0} prefixes...", listener.Prefixes.Count);
HttpListenerContext context = listener.GetContext();
HttpListenerRequest request = context.Request;
Console.WriteLine("Received a request.");
// This server requires a valid client certificate
// for requests that are not sent from the local computer.

// Did the client omit the certificate or send an invalid certificate?
if (request.IsAuthenticated &&
    request.GetClientCertificate() == null || 
    request.ClientCertificateError != 0)
    // Send a 403 response.
    HttpListenerResponse badCertificateResponse = context.Response ;
    Console.WriteLine("Client has invalid certificate.");

.NET Framework
Available since 2.0
Return to top