X509ClientCertificateAuthentication.TrustedStoreLocation Property

Reference

Definition

Namespace:: System.ServiceModel.Security

Assembly:: System.ServiceModel.dll

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Gets or sets the trusted store location under which context the client certificate chain is validated.

public:
 property System::Security::Cryptography::X509Certificates::StoreLocation TrustedStoreLocation { System::Security::Cryptography::X509Certificates::StoreLocation get(); void set(System::Security::Cryptography::X509Certificates::StoreLocation value); };

public System.Security.Cryptography.X509Certificates.StoreLocation TrustedStoreLocation { get; set; }

member this.TrustedStoreLocation : System.Security.Cryptography.X509Certificates.StoreLocation with get, set

Public Property TrustedStoreLocation As StoreLocation

Property Value

StoreLocation

The trusted store location under which context the client certificate chain is validated.

Exceptions

InvalidOperationException

set when credential is read-only.

Examples

// Create a service host.
Uri httpUri = new Uri("http://localhost/Calculator");
ServiceHost sh = new ServiceHost(typeof(Calculator), httpUri);

// Create a binding that uses a certificate.
WSHttpBinding b = new WSHttpBinding(SecurityMode.Message);
b.Security.Message.ClientCredentialType =
    MessageCredentialType.Certificate;

// Get a reference to the authentication object.
X509ClientCertificateAuthentication myAuthProperties =
    sh.Credentials.ClientCertificate.Authentication;
// Configure peer trust.
myAuthProperties.CertificateValidationMode =
    X509CertificateValidationMode.PeerTrust;
myAuthProperties.TrustedStoreLocation =
    StoreLocation.LocalMachine;

' Create a service host.
Dim httpUri As New Uri("http://localhost/Calculator")
Dim sh As New ServiceHost(GetType(Calculator), httpUri)

' Create a binding that uses a certificate.
Dim b As New WSHttpBinding(SecurityMode.Message)
b.Security.Message.ClientCredentialType = _
MessageCredentialType.Certificate

' Get a reference to the authentication object.
Dim myAuthProperties As X509ClientCertificateAuthentication = _
sh.Credentials.ClientCertificate.Authentication
' Configure peer trust.
myAuthProperties.CertificateValidationMode = _
X509CertificateValidationMode.PeerTrust
myAuthProperties.TrustedStoreLocation = StoreLocation.LocalMachine

The property can also be set in a configuration file.

<serviceCredentials>  
  <clientCertificate>  
     <authentication certificateValidationMode='ChainTrust'   trustedStoreLocation = 'LocalMachine'/>  
  </clientCertificate>  
</serviceCredentials>

Remarks

This property specifies whether machine or user context is used to verify the X.509 certificate chain.

Applies to

Share via