Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

X509ClientCertificateAuthentication.RevocationMode Property

Gets or sets the certificate revocation mode for ChainTrust and PeerOrChainTrust X.509 certificate validation.

Namespace:  System.ServiceModel.Security
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

public X509RevocationMode RevocationMode { get; set; }

Property Value

Type: System.Security.Cryptography.X509Certificates.X509RevocationMode
One of the values in X509RevocationMode: NoCheck, Online, or Offline. The default is Online.

ExceptionCondition
InvalidOperationException

set when credential is read-only.

When using certificates, the system validates that the client certificate is not revoked, by checking that the client certificate is not in the revoked certificate list. This check can be performed either by checking online or by checking against a cached revocation list. Revocation checking can be turned off by setting this property to NoCheck.

For more information, seeWorking with Certificates.

The following code shows how to set this property.


// Create a service host.
Uri httpUri = new Uri("http://localhost/Calculator");
ServiceHost sh = new ServiceHost(typeof(Calculator), httpUri);

// Create a binding that uses a certificate.
WSHttpBinding b = new WSHttpBinding(SecurityMode.Message);
b.Security.Message.ClientCredentialType =
    MessageCredentialType.Certificate; 

// Get a reference to the authentication object.
X509ClientCertificateAuthentication myAuthProperties =
    sh.Credentials.ClientCertificate.Authentication;

// Configure ChainTrust with no revocation check.
myAuthProperties.CertificateValidationMode = 
    X509CertificateValidationMode.ChainTrust;
myAuthProperties.RevocationMode = X509RevocationMode.NoCheck;


The property can also be set in a configuration file.

<serviceCredentials>
  <clientCertificate>
     <authentication certificateValidationMode='ChainTrust'   revocationMode = 'NoCheck'/>
  </clientCertificate>
</serviceCredentials>

.NET Framework

Supported in: 4, 3.5, 3.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Community Additions

ADD
Show:
© 2015 Microsoft