
EndpointIdentity.CreateX509CertificateIdentity Method (X509Certificate2)

Published: October 2016

Creates an X509Certificate identity with the specified certificate.

Namespace:   System.ServiceModel
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

public static EndpointIdentity CreateX509CertificateIdentity(
	X509Certificate2 certificate
)

Parameters

certificate
Type: System.Security.Cryptography.X509Certificates.X509Certificate2

An X509Certificate2 that contains the certificate for the identity.

Return Value

Type: System.ServiceModel.EndpointIdentity

An X509Certificate EndpointIdentity associated with the specified certificate.

Exception: ArgumentNullException
Condition: certificate is null.

A secure WCF client that connects to an endpoint with this identity verifies that the claims presented by the server include the claim that contains the thumbprint of the certificate used to construct this identity.

This static method creates an instance of System.ServiceModel.X509CertificateEndpointIdentity by calling its constructor, X509CertificateEndpointIdentity(X509Certificate2), using certificate as the input parameter.

The following code shows how to call this method.

using System;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;
using System.ServiceModel.Security.Tokens;

// Containing class. Its declaration is missing from this page, so the name is a placeholder.
public class BindingSample
{
    // This method creates a WSFederationHttpBinding.
    public static WSFederationHttpBinding CreateWSFederationHttpBinding()
    {
        // Create an instance of the WSFederationHttpBinding.
        WSFederationHttpBinding b = new WSFederationHttpBinding();

        // Set the security mode to Message.
        b.Security.Mode = WSFederationHttpSecurityMode.Message;

        // Set the Algorithm Suite to Basic256Rsa15.
        b.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.Basic256Rsa15;

        // Set NegotiateServiceCredential to true.
        b.Security.Message.NegotiateServiceCredential = true;

        // Set IssuedKeyType to Symmetric.
        b.Security.Message.IssuedKeyType = SecurityKeyType.SymmetricKey;

        // Set IssuedTokenType to SAML 1.1.
        b.Security.Message.IssuedTokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#samlv1.1";

        // Extract the STS certificate from the certificate store.
        // validOnly is false, so expired or untrusted certificates are also returned.
        X509Store store = new X509Store(StoreName.TrustedPeople, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        X509Certificate2Collection certs = store.Certificates.Find(X509FindType.FindByThumbprint, "cd 54 88 85 0d 63 db ac 92 59 05 af ce b8 b1 de c3 67 9e 3f", false);
        store.Close();

        // Fail with a clear error instead of an index exception when the certificate is not installed.
        if (certs.Count == 0)
        {
            throw new InvalidOperationException("STS certificate not found in the CurrentUser/TrustedPeople store.");
        }

        // Create an EndpointIdentity from the STS certificate.
        EndpointIdentity identity = EndpointIdentity.CreateX509CertificateIdentity(certs[0]);

        // Set the IssuerAddress using the address of the STS and the previously created EndpointIdentity.
        b.Security.Message.IssuerAddress = new EndpointAddress(new Uri("http://localhost:8000/sts/x509"), identity);

        // Set the IssuerBinding to a WSHttpBinding loaded from config.
        b.Security.Message.IssuerBinding = new WSHttpBinding("Issuer");

        // Set the IssuerMetadataAddress using the metadata address of the STS and the previously created EndpointIdentity.
        b.Security.Message.IssuerMetadataAddress = new EndpointAddress(new Uri("http://localhost:8001/sts/mex"), identity);

        // Create a ClaimTypeRequirement.
        ClaimTypeRequirement ctr = new ClaimTypeRequirement("http://example.org/claim/c1", false);

        // Add the ClaimTypeRequirement to ClaimTypeRequirements.
        b.Security.Message.ClaimTypeRequirements.Add(ctr);

        // Return the created binding.
        return b;
    }
}
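
The following is an added example, not code from the original page or from Microsoft's samples. It shows a stricter way to turn a lookup result into an identity, and what the thumbprint claim described in the remarks above actually holds. It assumes .NET Framework 4.7.2 or later with references to System.ServiceModel and System.IdentityModel; the class and helper names and the two self-signed certificates are constructed for the illustration, and IdentityMatches only mirrors the comparison the remarks describe (it is not WCF's internal verifier).

```csharp
using System;
using System.IdentityModel.Claims;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;

static class IdentityPinningDemo // hypothetical name, not part of WCF
{
    // Refuse to build an identity unless exactly one currently valid certificate matched.
    static EndpointIdentity CreatePinnedIdentity(X509Certificate2Collection matches)
    {
        if (matches == null || matches.Count != 1)
            throw new InvalidOperationException("Expected exactly one certificate for the pinned thumbprint.");
        X509Certificate2 cert = matches[0];
        DateTime now = DateTime.Now; // NotBefore and NotAfter are reported in local time
        if (now < cert.NotBefore || now > cert.NotAfter)
            throw new InvalidOperationException("Pinned certificate is outside its validity period.");
        return EndpointIdentity.CreateX509CertificateIdentity(cert);
    }

    // True when the identity claim is a thumbprint claim over exactly the presented certificate.
    static bool IdentityMatches(EndpointIdentity identity, X509Certificate2 presented)
    {
        Claim claim = identity.IdentityClaim;
        byte[] pinned = claim.Resource as byte[]; // certificate hash bytes for a thumbprint claim
        return claim.ClaimType == ClaimTypes.Thumbprint
            && pinned != null
            && pinned.SequenceEqual(presented.GetCertHash());
    }

    // Constructed sample input: a throwaway self-signed certificate (only its public part is used).
    static X509Certificate2 SelfSigned(string subject)
    {
        using (RSA key = RSA.Create(2048))
        {
            var req = new CertificateRequest(subject, key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            return req.CreateSelfSigned(DateTimeOffset.Now.AddMinutes(-5), DateTimeOffset.Now.AddDays(1));
        }
    }

    static void Main()
    {
        X509Certificate2 sts = SelfSigned("CN=constructed-sts");
        X509Certificate2 other = SelfSigned("CN=constructed-other");
        EndpointIdentity identity = CreatePinnedIdentity(new X509Certificate2Collection(sts));
        Console.WriteLine("Pinned certificate matches: " + IdentityMatches(identity, sts));
        Console.WriteLine("Different certificate matches: " + IdentityMatches(identity, other));
    }
}
```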

.NET Framework
Available since 3.0