X509ClientCertificateAuthentication Class

 

Specifies authentication properties for validating the client certificate.

Namespace:   System.ServiceModel.Security
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

System.Object
  System.ServiceModel.Security.X509ClientCertificateAuthentication

public class X509ClientCertificateAuthentication

NameDescription
System_CAPS_pubpropertyCertificateValidationMode

Gets or sets the certificate validation mode.

System_CAPS_pubpropertyCustomCertificateValidator

Gets or sets a custom client certificate validator.

System_CAPS_pubpropertyIncludeWindowsGroups

Gets or sets a value that indicates whether Windows groups are included in the authorization context.

System_CAPS_pubpropertyMapClientCertificateToWindowsAccount

Gets or sets a value that indicates whether the certificate is mapped to Windows accounts.

System_CAPS_pubpropertyRevocationMode

Gets or sets the certificate revocation mode for ChainTrust and PeerOrChainTrust X.509 certificate validation.

System_CAPS_pubpropertyTrustedStoreLocation

Gets or sets the trusted store location under which context the client certificate chain is validated.

NameDescription
System_CAPS_pubmethodEquals(Object)

Determines whether the specified object is equal to the current object.(Inherited from Object.)

System_CAPS_protmethodFinalize()

Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection.(Inherited from Object.)

System_CAPS_pubmethodGetHashCode()

Serves as the default hash function. (Inherited from Object.)

System_CAPS_pubmethodGetType()

Gets the Type of the current instance.(Inherited from Object.)

System_CAPS_protmethodMemberwiseClone()

Creates a shallow copy of the current Object.(Inherited from Object.)

System_CAPS_pubmethodToString()

Returns a string that represents the current object.(Inherited from Object.)

If the CertificateValidationMode is set to Custom, then you must create a custom certificate validator that inherits from the X509CertificateValidator class. For more information, seeHow to: Create a Service that Employs a Custom Certificate Validator.

The following code shows how to set this property.

// Create a service host.
Uri httpUri = new Uri("http://localhost/Calculator");
ServiceHost sh = new ServiceHost(typeof(Calculator), httpUri);

// Get a reference to the authentication object.
X509ClientCertificateAuthentication myAuthProperties =
    sh.Credentials.ClientCertificate.Authentication;

// Configure peer trust.
myAuthProperties.CertificateValidationMode =
    X509CertificateValidationMode.PeerTrust;
// Configure chain trust.
myAuthProperties.CertificateValidationMode =
    X509CertificateValidationMode.ChainTrust;
// Configure custom certificate validation.
myAuthProperties.CertificateValidationMode =
    X509CertificateValidationMode.Custom;

// Specify a custom certificate validator (not shown here) that inherits 
// from the X509CertificateValidator class. 
// creds.ClientCertificate.Authentication.CustomCertificateValidator =
//    new MyCertificateValidator();

The property can also be set in a configuration file.

<serviceCredentials>
  <clientCertificate>
     <authentication certificateValidationMode='ChainTrust' />
  </clientCertificate>
</serviceCredentials>

.NET Framework
Available since 3.0

Any public static ( Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Return to top
Show: