Export (0) Print
Expand All

X509ServiceCertificateAuthentication.RevocationMode Property

Gets or sets the certificate revocation mode for ChainTrust and PeerOrChainTrust X.509 certificate validation mode.

Namespace:  System.ServiceModel.Security
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

'Declaration
Public Property RevocationMode As X509RevocationMode

Property Value

Type: System.Security.Cryptography.X509Certificates.X509RevocationMode
One of the values in X509RevocationMode: NoCheck, Online, or Offline.

ExceptionCondition
InvalidOperationException

Attempted to set when credential is read-only.

When using certificates, the system validates that the client certificate has not been revoked, by checking that the client certificate is not in the revoked certificate list. This check can be performed either by checking online or by checking against a cached revocation list. Revocation checking can be turned off by setting this property to NoCheck.

The following code shows how to set this property.

				Dim creds As New ClientCredentials()

				' Configure chain trust.

				creds.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.ChainTrust

				creds.ServiceCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck

The property can also be set in a configuration file.

    <behaviors>
      <endpointBehaviors>
        <behavior name="behave">
          <clientCredentials>
            <serviceCertificate>
              <authentication certificateValidationMode="ChainTrust" 
                              revocationMode="NoCheck" />
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>

.NET Framework

Supported in: 4.6, 4.5, 4, 3.5, 3.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1
Show:
© 2015 Microsoft