Export (0) Print
Expand All

X509ClientCertificateAuthentication.CertificateValidationMode Property

Gets or sets the certificate validation mode.

Namespace:  System.ServiceModel.Security
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

public X509CertificateValidationMode CertificateValidationMode { get; set; }

The following example uses the CertificateValidationMode to print to the screen.

// Create a service host.
Uri httpUri = new Uri("http://localhost/Calculator");
ServiceHost sh = new ServiceHost(typeof(Calculator), httpUri);

// Create a binding that uses a certificate.
WSHttpBinding b = new WSHttpBinding(SecurityMode.Message);
b.Security.Message.ClientCredentialType =
    MessageCredentialType.Certificate;

// Get a reference to the authentication object.
X509ClientCertificateAuthentication myAuthProperties =
    sh.Credentials.ClientCertificate.Authentication;

switch (myAuthProperties.CertificateValidationMode)
{
    case X509CertificateValidationMode.ChainTrust:
        Console.WriteLine("ChainTrust");
        break;
    case X509CertificateValidationMode.Custom:
        Console.WriteLine("Custom");
        break;
    case X509CertificateValidationMode.None:
        Console.WriteLine("ChainTrust");
        break;
    case X509CertificateValidationMode.PeerOrChainTrust:
        Console.WriteLine("PeerOrChainTrust");
        break;
    case X509CertificateValidationMode.PeerTrust:
        Console.WriteLine("PeerTrust");
        break;
    default:
        Console.WriteLine("Default");
        break;
}

The property can also be set in a configuration file.

<serviceCredentials>
  <clientCertificate>
     <authentication certificateValidationMode='ChainTrust' />
  </clientCertificate>
</serviceCredentials>

.NET Framework

Supported in: 4.6, 4.5, 4, 3.5, 3.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1
Show:
© 2015 Microsoft