SslStream.AuthenticateAsClient Method

Definition

Authenticate the client side of a client-server connection.

Overloads

AuthenticateAsClient(SslClientAuthenticationOptions)

Called by clients to authenticate the server and optionally the client in a client-server connection.

AuthenticateAsClient(String)

Called by clients to authenticate the server and optionally the client in a client-server connection.

AuthenticateAsClient(String, X509CertificateCollection, Boolean)

Called by clients to authenticate the server and optionally the client in a client-server connection. The authentication process uses the specified certificate collection, and the system default SSL protocol.

AuthenticateAsClient(String, X509CertificateCollection, SslProtocols, Boolean)

Called by clients to authenticate the server and optionally the client in a client-server connection. The authentication process uses the specified certificate collection and SSL protocol.

AuthenticateAsClient(SslClientAuthenticationOptions)

Called by clients to authenticate the server and optionally the client in a client-server connection.

public:
 void AuthenticateAsClient(System::Net::Security::SslClientAuthenticationOptions ^ sslClientAuthenticationOptions);
public void AuthenticateAsClient (System.Net.Security.SslClientAuthenticationOptions sslClientAuthenticationOptions);
member this.AuthenticateAsClient : System.Net.Security.SslClientAuthenticationOptions -> unit
Public Sub AuthenticateAsClient (sslClientAuthenticationOptions As SslClientAuthenticationOptions)

Parameters

sslClientAuthenticationOptions
SslClientAuthenticationOptions

The property bag for the SSL connection.

Exceptions

targetHost is null.

The authentication failed and left this object in an unusable state.

Authentication has already occurred.

-or-

Server authentication using this SslStream was tried previously.

-or-

Authentication is already in progress.

This object has been closed.

Remarks

Starting with .NET Framework 4.7, this method authenticates using None, which allows the operating system to choose the best protocol to use, and to block protocols that are not secure. In .NET Framework 4.6 (and .NET Framework 4.5 with the latest security patches installed), the allowed TLS/SSL protocols versions are 1.2, 1.1, and 1.0 (unless you disable strong cryptography by editing the Windows Registry). No client certificates are used in the authentication. The certificate revocation list is not checked during authentication. The value specified for targetHost must match the name on the server's certificate.

When authentication succeeds, you must check the IsEncrypted and IsSigned properties to determine what security services are used by the SslStream. Check the IsMutuallyAuthenticated property to determine whether mutual authentication occurred.

If the authentication fails, you receive a AuthenticationException, and this SslStream is no longer useable. You should close this object and remove all references to it so that it can be collected by the garbage collector.

Applies to

AuthenticateAsClient(String)

Called by clients to authenticate the server and optionally the client in a client-server connection.

public:
 virtual void AuthenticateAsClient(System::String ^ targetHost);
public virtual void AuthenticateAsClient (string targetHost);
abstract member AuthenticateAsClient : string -> unit
override this.AuthenticateAsClient : string -> unit
Public Overridable Sub AuthenticateAsClient (targetHost As String)

Parameters

targetHost
String

The name of the server that shares this SslStream.

Exceptions

targetHost is null.

The authentication failed and left this object in an unusable state.

Authentication has already occurred.

-or-

Server authentication using this SslStream was tried previously.

-or-

Authentication is already in progress.

This object has been closed.

Remarks

Starting with .NET Framework 4.7, this method authenticates using None, which allows the operating system to choose the best protocol to use, and to block protocols that are not secure. In .NET Framework 4.6 (and .NET Framework 4.5 with the latest security patches installed), the allowed TLS/SSL protocols versions are 1.2, 1.1, and 1.0 (unless you disable strong cryptography by editing the Windows Registry). No client certificates are used in the authentication. The certificate revocation list is not checked during authentication. The value specified for targetHost must match the name on the server's certificate.

When authentication succeeds, you must check the IsEncrypted and IsSigned properties to determine what security services are used by the SslStream. Check the IsMutuallyAuthenticated property to determine whether mutual authentication occurred.

If the authentication fails, you receive a AuthenticationException, and this SslStream is no longer useable. You should close this object and remove all references to it so that it can be collected by the garbage collector.

Applies to

AuthenticateAsClient(String, X509CertificateCollection, Boolean)

Called by clients to authenticate the server and optionally the client in a client-server connection. The authentication process uses the specified certificate collection, and the system default SSL protocol.

public:
 virtual void AuthenticateAsClient(System::String ^ targetHost, System::Security::Cryptography::X509Certificates::X509CertificateCollection ^ clientCertificates, bool checkCertificateRevocation);
public virtual void AuthenticateAsClient (string targetHost, System.Security.Cryptography.X509Certificates.X509CertificateCollection? clientCertificates, bool checkCertificateRevocation);
public virtual void AuthenticateAsClient (string targetHost, System.Security.Cryptography.X509Certificates.X509CertificateCollection clientCertificates, bool checkCertificateRevocation);
abstract member AuthenticateAsClient : string * System.Security.Cryptography.X509Certificates.X509CertificateCollection * bool -> unit
override this.AuthenticateAsClient : string * System.Security.Cryptography.X509Certificates.X509CertificateCollection * bool -> unit
Public Overridable Sub AuthenticateAsClient (targetHost As String, clientCertificates As X509CertificateCollection, checkCertificateRevocation As Boolean)

Parameters

targetHost
String

The name of the server that will share this SslStream.

clientCertificates
X509CertificateCollection

The X509CertificateCollection that contains client certificates.

checkCertificateRevocation
Boolean

A Boolean value that specifies whether the certificate revocation list is checked during authentication.

Remarks

Starting with .NET Framework 4.7, this method authenticates using None, which allows the operating system to choose the best protocol to use, and to block protocols that are not secure. In .NET Framework 4.6 (and .NET Framework 4.5 with the latest security patches installed), the allowed TLS/SSL protocols versions are 1.2, 1.1, and 1.0 (unless you disable strong cryptography by editing the Windows Registry).

When authentication succeeds, you must check the IsEncrypted and IsSigned properties to determine what security services are used by the SslStream. Check the IsMutuallyAuthenticated property to determine whether mutual authentication occurred.

If the authentication fails, you receive a AuthenticationException, and this SslStream is no longer useable. You should close this object and remove all references to it so that it can be collected by the garbage collector.

Note

Client certificates are not supported in the SSL version 2 protocol.

Applies to

AuthenticateAsClient(String, X509CertificateCollection, SslProtocols, Boolean)

Called by clients to authenticate the server and optionally the client in a client-server connection. The authentication process uses the specified certificate collection and SSL protocol.

public:
 virtual void AuthenticateAsClient(System::String ^ targetHost, System::Security::Cryptography::X509Certificates::X509CertificateCollection ^ clientCertificates, System::Security::Authentication::SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
public virtual void AuthenticateAsClient (string targetHost, System.Security.Cryptography.X509Certificates.X509CertificateCollection? clientCertificates, System.Security.Authentication.SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
public virtual void AuthenticateAsClient (string targetHost, System.Security.Cryptography.X509Certificates.X509CertificateCollection clientCertificates, System.Security.Authentication.SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
abstract member AuthenticateAsClient : string * System.Security.Cryptography.X509Certificates.X509CertificateCollection * System.Security.Authentication.SslProtocols * bool -> unit
override this.AuthenticateAsClient : string * System.Security.Cryptography.X509Certificates.X509CertificateCollection * System.Security.Authentication.SslProtocols * bool -> unit
Public Overridable Sub AuthenticateAsClient (targetHost As String, clientCertificates As X509CertificateCollection, enabledSslProtocols As SslProtocols, checkCertificateRevocation As Boolean)

Parameters

targetHost
String

The name of the server that will share this SslStream.

clientCertificates
X509CertificateCollection

The X509CertificateCollection that contains client certificates.

enabledSslProtocols
SslProtocols

The SslProtocols value that represents protocols used for authentication.

checkCertificateRevocation
Boolean

A Boolean value that specifies whether the certificate revocation list is checked during authentication.

Remarks

Starting with .NET Framework 4.7, this method authenticates using None, which allows the operating system to choose the best protocol to use, and to block protocols that are not secure. In .NET Framework 4.6 (and .NET Framework 4.5 with the latest security patches installed), the allowed TLS/SSL protocols versions are 1.2, 1.1, and 1.0 (unless you disable strong cryptography by editing the Windows Registry).

When authentication succeeds, you must check the IsEncrypted and IsSigned properties to determine what security services are used by the SslStream. Check the IsMutuallyAuthenticated property to determine whether mutual authentication occurred.

If the authentication fails, you receive a AuthenticationException, and this SslStream is no longer useable. You should close this object and remove all references to it so that it can be collected by the garbage collector.

Note

Client certificates are not supported in the SSL version 2 protocol.

Applies to