X509ClientCertificateAuthentication Class
Specifies authentication properties for validating the client certificate.
Assembly: System.ServiceModel (in System.ServiceModel.dll)
| Name | Description | |
|---|---|---|
![]() | CertificateValidationMode | Gets or sets the certificate validation mode. |
![]() | CustomCertificateValidator | Gets or sets a custom client certificate validator. |
![]() | IncludeWindowsGroups | Gets or sets a value that indicates whether Windows groups are included in the authorization context. |
![]() | MapClientCertificateToWindowsAccount | Gets or sets a value that indicates whether the certificate is mapped to Windows accounts. |
![]() | RevocationMode | Gets or sets the certificate revocation mode for ChainTrust and PeerOrChainTrust X.509 certificate validation. |
![]() | TrustedStoreLocation | Gets or sets the trusted store location under which context the client certificate chain is validated. |
| Name | Description | |
|---|---|---|
![]() | Equals(Object) | Determines whether the specified object is equal to the current object.(Inherited from Object.) |
![]() | Finalize() | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection.(Inherited from Object.) |
![]() | GetHashCode() | Serves as the default hash function. (Inherited from Object.) |
![]() | GetType() | |
![]() | MemberwiseClone() | |
![]() | ToString() | Returns a string that represents the current object.(Inherited from Object.) |
If the CertificateValidationMode is set to Custom, then you must create a custom certificate validator that inherits from the X509CertificateValidator class. For more information, seeHow to: Create a Service that Employs a Custom Certificate Validator.
The following code shows how to set this property.
// Create a service host. Uri httpUri = new Uri("http://localhost/Calculator"); ServiceHost sh = new ServiceHost(typeof(Calculator), httpUri); // Get a reference to the authentication object. X509ClientCertificateAuthentication myAuthProperties = sh.Credentials.ClientCertificate.Authentication; // Configure peer trust. myAuthProperties.CertificateValidationMode = X509CertificateValidationMode.PeerTrust; // Configure chain trust. myAuthProperties.CertificateValidationMode = X509CertificateValidationMode.ChainTrust; // Configure custom certificate validation. myAuthProperties.CertificateValidationMode = X509CertificateValidationMode.Custom; // Specify a custom certificate validator (not shown here) that inherits // from the X509CertificateValidator class. // creds.ClientCertificate.Authentication.CustomCertificateValidator = // new MyCertificateValidator();
The property can also be set in a configuration file.
<serviceCredentials>
<clientCertificate>
<authentication certificateValidationMode='ChainTrust' />
</clientCertificate>
</serviceCredentials>
Available since 3.0
Any public static ( Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.


