X509BasicConstraintsExtension Class
Defines the constraints set on a certificate. This class cannot be inherited.
Assembly: System (in System.dll)
System.Security.Cryptography.AsnEncodedData
System.Security.Cryptography.X509Certificates.X509Extension
System.Security.Cryptography.X509Certificates.X509BasicConstraintsExtension
| Name | Description | |
|---|---|---|
![]() | X509BasicConstraintsExtension() | Initializes a new instance of the X509BasicConstraintsExtension class. |
![]() | X509BasicConstraintsExtension(AsnEncodedData, Boolean) | Initializes a new instance of the X509BasicConstraintsExtension class using an AsnEncodedData object and a value that identifies whether the extension is critical. |
![]() | X509BasicConstraintsExtension(Boolean, Boolean, Int32, Boolean) | Initializes a new instance of the X509BasicConstraintsExtension class. Parameters specify a value that indicates whether a certificate is a certificate authority (CA) certificate, a value that indicates whether the certificate has a restriction on the number of path levels it allows, the number of levels allowed in a certificate's path, and a value that indicates whether the extension is critical. |
| Name | Description | |
|---|---|---|
![]() | CertificateAuthority | Gets a value indicating whether a certificate is a certificate authority (CA) certificate. |
![]() | Critical | Gets a Boolean value indicating whether the extension is critical.(Inherited from X509Extension.) |
![]() | HasPathLengthConstraint | Gets a value indicating whether a certificate has a restriction on the number of path levels it allows. |
![]() | Oid | Gets or sets the Oid value for an AsnEncodedData object.(Inherited from AsnEncodedData.) |
![]() | PathLengthConstraint | Gets the number of levels allowed in a certificate's path. |
![]() | RawData | Gets or sets the Abstract Syntax Notation One (ASN.1)-encoded data represented in a byte array.(Inherited from AsnEncodedData.) |
| Name | Description | |
|---|---|---|
![]() | CopyFrom(AsnEncodedData) | Initializes a new instance of the X509BasicConstraintsExtension class using an AsnEncodedData object.(Overrides X509Extension.CopyFrom(AsnEncodedData).) |
![]() | Equals(Object) | Determines whether the specified object is equal to the current object.(Inherited from Object.) |
![]() | Format(Boolean) | Returns a formatted version of the Abstract Syntax Notation One (ASN.1)-encoded data as a string.(Inherited from AsnEncodedData.) |
![]() | GetHashCode() | Serves as the default hash function. (Inherited from Object.) |
![]() | GetType() | |
![]() | ToString() | Returns a string that represents the current object.(Inherited from Object.) |
This class provides properties that define the basic constraints set on a certificate.
The following code example demonstrates how to open a user’s personal certificate store and display information about each certificate in the store. This example uses the X509BasicConstraintsExtension class to display the information.
using System; using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; public class CertSelect { public static void Main() { try { X509Store store = new X509Store("MY", StoreLocation.CurrentUser); store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly); X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates; for (int i = 0; i < collection.Count; i++) { foreach (X509Extension extension in collection[i].Extensions) { Console.WriteLine(extension.Oid.FriendlyName + "(" + extension.Oid.Value + ")"); if (extension.Oid.FriendlyName == "Key Usage") { X509KeyUsageExtension ext = (X509KeyUsageExtension)extension; Console.WriteLine(ext.KeyUsages); } if (extension.Oid.FriendlyName == "Basic Constraints") { X509BasicConstraintsExtension ext = (X509BasicConstraintsExtension)extension; Console.WriteLine(ext.CertificateAuthority); Console.WriteLine(ext.HasPathLengthConstraint); Console.WriteLine(ext.PathLengthConstraint); } if (extension.Oid.FriendlyName == "Subject Key Identifier") { X509SubjectKeyIdentifierExtension ext = (X509SubjectKeyIdentifierExtension)extension; Console.WriteLine(ext.SubjectKeyIdentifier); } if (extension.Oid.FriendlyName == "Enhanced Key Usage") { X509EnhancedKeyUsageExtension ext = (X509EnhancedKeyUsageExtension)extension; OidCollection oids = ext.EnhancedKeyUsages; foreach (Oid oid in oids) { Console.WriteLine(oid.FriendlyName + "(" + oid.Value + ")"); } } } } store.Close(); } catch (CryptographicException) { Console.WriteLine("Information could not be written out for this certificate."); } } }
Available since 2.0
Any public static ( Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

