X509ClientCertificateAuthentication Class
Specifies authentication properties for validating the client certificate.
Assembly: System.ServiceModel (in System.ServiceModel.dll)
The X509ClientCertificateAuthentication type exposes the following members.
| Name | Description | |
|---|---|---|
![]() | CertificateValidationMode | Gets the certificate validation mode. |
![]() | CustomCertificateValidator | Gets or sets a custom client certificate validator. |
![]() | IncludeWindowsGroups | Gets or sets a value that indicates whether Windows groups are included in the authorization context. |
![]() | MapClientCertificateToWindowsAccount | Gets or sets a value that indicates whether the certificate is mapped to Windows accounts. |
![]() | RevocationMode | Gets or sets the certificate revocation mode for ChainTrust and PeerOrChainTrust X.509 certificate validation. |
![]() | TrustedStoreLocation | Gets or sets the trusted store location under which context the client certificate chain is validated. |
| Name | Description | |
|---|---|---|
![]() | Equals(Object) | Determines whether the specified Object is equal to the current Object. (Inherited from Object.) |
![]() | Finalize | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.) |
![]() | GetHashCode | Serves as a hash function for a particular type. (Inherited from Object.) |
![]() | GetType | Gets the Type of the current instance. (Inherited from Object.) |
![]() | MemberwiseClone | Creates a shallow copy of the current Object. (Inherited from Object.) |
![]() | ToString | Returns a string that represents the current object. (Inherited from Object.) |
If the CertificateValidationMode is set to Custom, then you must create a custom certificate validator that inherits from the X509CertificateValidator class. For more information, seeHow To: Create a Service Employing a Custom Certificate Validator.
The following code shows how to set this property.
// Create a service host. Uri httpUri = new Uri("http://localhost/Calculator"); ServiceHost sh = new ServiceHost(typeof(Calculator), httpUri); // Get a reference to the authentication object. X509ClientCertificateAuthentication myAuthProperties = sh.Credentials.ClientCertificate.Authentication; // Configure peer trust. myAuthProperties.CertificateValidationMode = X509CertificateValidationMode.PeerTrust; // Configure chain trust. myAuthProperties.CertificateValidationMode = X509CertificateValidationMode.ChainTrust; // Configure custom certificate validation. myAuthProperties.CertificateValidationMode = X509CertificateValidationMode.Custom; // Specify a custom certificate validator (not shown here) that inherits // from the X509CertificateValidator class. // creds.ClientCertificate.Authentication.CustomCertificateValidator = // new MyCertificateValidator();
The property can also be set in a configuration file.
<serviceCredentials>
<clientCertificate>
<authentication certificateValidationMode='ChainTrust' />
</clientCertificate>
</serviceCredentials>
Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.


