EndpointIdentity.CreateX509CertificateIdentity Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Creates an X509Certificate identity.
Overloads
CreateX509CertificateIdentity(X509Certificate2) |
Creates an X509Certificate identity with the specified certificate. |
CreateX509CertificateIdentity(X509Certificate2, X509Certificate2Collection) |
Creates an X509Certificate identity with the specified primary and supporting certificates. |
Remarks
Choose between these two constructors based on whether you have supporting certificates.
A secure WCF client that connects to an endpoint with this identity verifies that the claims presented by the server contain the claim that contains the thumbprint of the certificate used to construct this identity.
CreateX509CertificateIdentity(X509Certificate2)
Creates an X509Certificate identity with the specified certificate.
public:
static System::ServiceModel::EndpointIdentity ^ CreateX509CertificateIdentity(System::Security::Cryptography::X509Certificates::X509Certificate2 ^ certificate);
public static System.ServiceModel.EndpointIdentity CreateX509CertificateIdentity (System.Security.Cryptography.X509Certificates.X509Certificate2 certificate);
static member CreateX509CertificateIdentity : System.Security.Cryptography.X509Certificates.X509Certificate2 -> System.ServiceModel.EndpointIdentity
Public Shared Function CreateX509CertificateIdentity (certificate As X509Certificate2) As EndpointIdentity
Parameters
- certificate
- X509Certificate2
An X509Certificate2 that contains the certificate for the identity.
Returns
An X509Certificate EndpointIdentity associated with the specified certificate
.
Exceptions
certificate
is null
.
Examples
The following code shows how to call this method.
// This method creates a WSFederationHttpBinding.
public static WSFederationHttpBinding CreateWSFederationHttpBinding()
{
// Create an instance of the WSFederationHttpBinding.
WSFederationHttpBinding b = new WSFederationHttpBinding();
// Set the security mode to Message.
b.Security.Mode = WSFederationHttpSecurityMode.Message;
// Set the Algorithm Suite to Basic256Rsa15.
b.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.Basic256Rsa15;
// Set NegotiateServiceCredential to true.
b.Security.Message.NegotiateServiceCredential = true;
// Set IssuedKeyType to Symmetric.
b.Security.Message.IssuedKeyType = SecurityKeyType.SymmetricKey;
// Set IssuedTokenType to SAML 1.1.
b.Security.Message.IssuedTokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#samlv1.1";
// Extract the STS certificate from the certificate store.
X509Store store = new X509Store(StoreName.TrustedPeople, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection certs = store.Certificates.Find(X509FindType.FindByThumbprint, "cd 54 88 85 0d 63 db ac 92 59 05 af ce b8 b1 de c3 67 9e 3f", false);
store.Close();
// Create an EndpointIdentity from the STS certificate.
EndpointIdentity identity = EndpointIdentity.CreateX509CertificateIdentity(certs[0]);
// Set the IssuerAddress using the address of the STS and the previously created EndpointIdentity.
b.Security.Message.IssuerAddress = new EndpointAddress(new Uri("http://localhost:8000/sts/x509"), identity);
// Set the IssuerBinding to a WSHttpBinding loaded from config
b.Security.Message.IssuerBinding = new WSHttpBinding("Issuer");
// Set the IssuerMetadataAddress using the metadata address of the STS and the previously created EndpointIdentity.
b.Security.Message.IssuerMetadataAddress = new EndpointAddress(new Uri("http://localhost:8001/sts/mex"), identity);
// Create a ClaimTypeRequirement.
ClaimTypeRequirement ctr = new ClaimTypeRequirement("http://example.org/claim/c1", false);
// Add the ClaimTypeRequirement to ClaimTypeRequirements.
b.Security.Message.ClaimTypeRequirements.Add(ctr);
// Return the created binding.
return b;
}
}
Remarks
A secure WCF client that connects to an endpoint with this identity verifies that the claims presented by the server contain the claim that contains the thumbprint of the certificate used to construct this identity.
This static
method creates an instance of X509CertificateEndpointIdentity by calling its constructor, X509CertificateEndpointIdentity, using certificate
as the input parameter.
Applies to
CreateX509CertificateIdentity(X509Certificate2, X509Certificate2Collection)
Creates an X509Certificate identity with the specified primary and supporting certificates.
public:
static System::ServiceModel::EndpointIdentity ^ CreateX509CertificateIdentity(System::Security::Cryptography::X509Certificates::X509Certificate2 ^ primaryCertificate, System::Security::Cryptography::X509Certificates::X509Certificate2Collection ^ supportingCertificates);
public static System.ServiceModel.EndpointIdentity CreateX509CertificateIdentity (System.Security.Cryptography.X509Certificates.X509Certificate2 primaryCertificate, System.Security.Cryptography.X509Certificates.X509Certificate2Collection supportingCertificates);
static member CreateX509CertificateIdentity : System.Security.Cryptography.X509Certificates.X509Certificate2 * System.Security.Cryptography.X509Certificates.X509Certificate2Collection -> System.ServiceModel.EndpointIdentity
Public Shared Function CreateX509CertificateIdentity (primaryCertificate As X509Certificate2, supportingCertificates As X509Certificate2Collection) As EndpointIdentity
Parameters
- primaryCertificate
- X509Certificate2
An X509Certificate2 that contains the primary certificate for the identity.
- supportingCertificates
- X509Certificate2Collection
An X509Certificate2Collection that contains the supporting certificates for the identity.
Returns
A secure WCF client that connects to an endpoint with this identity verifies that the claims presented by the server contain the claim that contains the thumbprint of the certificate used to construct this identity.
An X509Certificate EndpointIdentity associated with the specified primaryCertificate
and supportingCertificates
.
Exceptions
primaryCertificate
or supportingCertificates
is null
.
Remarks
This static method creates an instance of X509CertificateEndpointIdentity by calling its constructor, X509CertificateEndpointIdentity, using primaryCertificate
and supportingCertificates
as input parameters.
Applies to
.NET