Validating X509 Certificates for SSL over HTTP
Topic Last Modified: 2009-07-01
By validating the X509 certificate provided by the computer running Microsoft Exchange Server 2007 for SSL over HTTP, you help to provide a layer of security for the client application. You must validate certificates before you can start programming with Exchange Web Services proxy classes. If the callback is not set up, the first call will fail with a certificate error.
Certificate Validation Example
The following code example shows the callback used to validate certificates. To use this code in a production environment, you must implement the certificate validation so that the callback returns false if there are validation errors.
System.Net.ServicePointManager.ServerCertificateValidationCallback =
delegate(Object obj, X509Certificate certificate, X509Chain chain, SslPolicyErrors errors)
{
// Replace this line with code to validate server certificate.
};
For information about certificate validation code, see ServicePointManager.ServerCertificateValidationCallback Property.
Note
The Autodiscover sample application includes an example that shows how to perform the certificate validation. For more information, see Autodiscover Sample Application.