LocalCertificateSelectionCallback Delegate

 

Selects the local Secure Sockets Layer (SSL) certificate used for authentication.

Namespace:   System.Net.Security
Assembly:  System (in System.dll)

public delegate X509Certificate^ LocalCertificateSelectionCallback(
	Object^ sender,
	String^ targetHost,
	X509CertificateCollection^ localCertificates,
	X509Certificate^ remoteCertificate,
	array<String^>^ acceptableIssuers
)

Parameters

sender
Type: System::Object^

An object that contains state information for this validation.

targetHost
Type: System::String^

The host server specified by the client.

localCertificates
Type: System.Security.Cryptography.X509Certificates::X509CertificateCollection^

An X509CertificateCollection containing local certificates.

remoteCertificate
Type: System.Security.Cryptography.X509Certificates::X509Certificate^

The certificate used to authenticate the remote party.

acceptableIssuers
Type: array<System::String^>^

A String array of certificate issuers acceptable to the remote party.

Return Value

Type: System.Security.Cryptography.X509Certificates::X509Certificate^

An X509Certificate used for establishing an SSL connection.

This delegate is used to construct instances of the SslStream class. The SslStream class is used to help secure information exchanged between a client and server. The client and server use this delegate to select a certificate to be used for authentication.

The following code example demonstrates a method implementation for this delegate.

static X509Certificate^ SelectLocalCertificate(
    Object^ sender,
    String^ targetHost,
    X509CertificateCollection^ localCertificates,
    X509Certificate^ remoteCertificate,
    array<String^>^ acceptableIssuers
)
{
    Console::WriteLine("Client is selecting a local certificate.");
    if (acceptableIssuers != nullptr &&
        acceptableIssuers->Length > 0 &&
        localCertificates != nullptr &&
        localCertificates->Count > 0)
    {
        // Use the first certificate that is from an acceptable issuer.
        IEnumerator^ myEnum1 = localCertificates->GetEnumerator();
        while ( myEnum1->MoveNext() )
        {
            X509Certificate^ certificate = safe_cast<X509Certificate^>(myEnum1->Current);
            String^ issuer = certificate->Issuer;
            if ( Array::IndexOf( acceptableIssuers, issuer ) != -1 )
                return certificate;
        }
    }

    // No issuer matched (or no issuer list was supplied):
    // fall back to the first local certificate, if there is one.
    if (localCertificates != nullptr &&
        localCertificates->Count > 0)
        return localCertificates[0];

    // No local certificate is available.
    return nullptr;
}
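The sample above falls back to the first local certificate when no issuer matches. The following stricter client-side variant is an added example in C#, not part of the original documentation sample: it returns null instead of an arbitrary certificate, and it skips certificates that lack a private key, are outside their validity period, or carry an enhanced key usage extension that does not allow client authentication. The class name ClientCertificateSelector and the choice of checks are assumptions of this example.

```csharp
using System;
using System.Linq;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class ClientCertificateSelector   // hypothetical name, not from the page
{
    // OID of the "Client Authentication" enhanced key usage (RFC 5280).
    const string ClientAuthOid = "1.3.6.1.5.5.7.3.2";

    // Signature matches LocalCertificateSelectionCallback.
    public static X509Certificate SelectLocalCertificate(
        object sender, string targetHost,
        X509CertificateCollection localCertificates,
        X509Certificate remoteCertificate, string[] acceptableIssuers)
    {
        if (localCertificates == null || localCertificates.Count == 0)
            return null;

        bool issuersGiven = acceptableIssuers != null && acceptableIssuers.Length > 0;
        DateTime now = DateTime.Now;   // NotBefore/NotAfter are reported in local time

        foreach (X509Certificate candidate in localCertificates)
        {
            X509Certificate2 cert = candidate as X509Certificate2
                                    ?? new X509Certificate2(candidate);

            // Without the private key the certificate cannot be used to authenticate.
            if (!cert.HasPrivateKey) continue;
            // Skip certificates that are not yet valid or have expired.
            if (now < cert.NotBefore || now > cert.NotAfter) continue;
            // If an EKU extension is present, it must allow client authentication.
            var eku = cert.Extensions.OfType<X509EnhancedKeyUsageExtension>().FirstOrDefault();
            if (eku != null &&
                !eku.EnhancedKeyUsages.Cast<Oid>().Any(o => o.Value == ClientAuthOid))
                continue;
            // When the remote party named its acceptable issuers, require a match.
            if (issuersGiven && Array.IndexOf(acceptableIssuers, cert.Issuer) == -1)
                continue;

            return candidate;
        }

        // Nothing suitable: present no certificate rather than an arbitrary one.
        return null;
    }
}
```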

The following code example demonstrates creating an instance of this delegate.

// Server name must match the host name and the name on the host's certificate. 
serverName = args[ 1 ];

// Create a TCP/IP client socket.
TcpClient^ client = gcnew TcpClient( serverName,80 );
Console::WriteLine( L"Client connected." );

// Create an SSL stream that will close the client's stream.
SslStream^ sslStream = gcnew SslStream( 
    client->GetStream(),
    false,
    gcnew RemoteCertificateValidationCallback( ValidateServerCertificate ),
    gcnew LocalCertificateSelectionCallback( SelectLocalCertificate ) );

.NET Framework
Available since 2.0