X509ClientCertificateAuthentication.RevocationMode 屬性

定義

命名空間:

System.ServiceModel.Security

組件:

System.ServiceModel.dll

取得或設定 ChainTrust 和 PeerOrChainTrust X.509 憑證驗證的憑證撤銷模式。

public:
 property System::Security::Cryptography::X509Certificates::X509RevocationMode RevocationMode { System::Security::Cryptography::X509Certificates::X509RevocationMode get(); void set(System::Security::Cryptography::X509Certificates::X509RevocationMode value); };

public System.Security.Cryptography.X509Certificates.X509RevocationMode RevocationMode { get; set; }

member this.RevocationMode : System.Security.Cryptography.X509Certificates.X509RevocationMode with get, set

Public Property RevocationMode As X509RevocationMode

屬性值

X509RevocationMode

X509RevocationMode 中的其中一個值：NoCheck、Online 或 Offline。 預設為 Online。

例外狀況

InvalidOperationException

設定 (set) 認證何時為唯讀。

範例

下列程式碼將示範如何設定這個屬性。

// Create a service host.
Uri httpUri = new Uri("http://localhost/Calculator");
ServiceHost sh = new ServiceHost(typeof(Calculator), httpUri);

// Create a binding that uses a certificate.
WSHttpBinding b = new WSHttpBinding(SecurityMode.Message);
b.Security.Message.ClientCredentialType =
    MessageCredentialType.Certificate;

// Get a reference to the authentication object.
X509ClientCertificateAuthentication myAuthProperties =
    sh.Credentials.ClientCertificate.Authentication;

// Configure ChainTrust with no revocation check.
myAuthProperties.CertificateValidationMode =
    X509CertificateValidationMode.ChainTrust;
myAuthProperties.RevocationMode = X509RevocationMode.NoCheck;

' Create a service host.
Dim httpUri As New Uri("http://localhost/Calculator")
Dim sh As New ServiceHost(GetType(Calculator), httpUri)

' Create a binding that uses a certificate.
Dim b As New WSHttpBinding(SecurityMode.Message)
b.Security.Message.ClientCredentialType = _
MessageCredentialType.Certificate

' Get a reference to the authentication object.
Dim myAuthProperties As X509ClientCertificateAuthentication = _
sh.Credentials.ClientCertificate.Authentication

' Configure ChainTrust with no revocation check.
myAuthProperties.CertificateValidationMode = _
X509CertificateValidationMode.ChainTrust
myAuthProperties.RevocationMode = X509RevocationMode.NoCheck

這個屬性也可以在組態檔中設定。

<serviceCredentials>  
  <clientCertificate>  
     <authentication certificateValidationMode='ChainTrust'   revocationMode = 'NoCheck'/>  
  </clientCertificate>  
</serviceCredentials>  

備註

使用憑證時，系統會檢查用戶端憑證不在撤銷憑證清單中，驗證用戶端憑證尚未遭到撤銷。 這項檢查可以藉由線上檢查或是核對快取的撤銷清單來執行。 將此屬性設定為 NoCheck 可以關閉撤銷檢查。

如需詳細資訊，請參閱 使用憑證。

另請參閱

• 使用憑證