IssuedTokenServiceCredential.KnownCertificates Property

Definition

Namespace:: System.ServiceModel.Security

Assembly:: System.ServiceModel.dll

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Gets a list of known certificates.

public:
 property System::Collections::Generic::IList<System::Security::Cryptography::X509Certificates::X509Certificate2 ^> ^ KnownCertificates { System::Collections::Generic::IList<System::Security::Cryptography::X509Certificates::X509Certificate2 ^> ^ get(); };

public System.Collections.Generic.IList<System.Security.Cryptography.X509Certificates.X509Certificate2> KnownCertificates { get; }

member this.KnownCertificates : System.Collections.Generic.IList<System.Security.Cryptography.X509Certificates.X509Certificate2>

Public ReadOnly Property KnownCertificates As IList(Of X509Certificate2)

Property Value

IList<X509Certificate2>

A list of known certificates.

Examples

The following code shows one way to access and set this property.

// This method configures the IssuedTokenAuthentication property of a ServiceHost.
public static void ConfigureIssuedTokenServiceCredentials(
    ServiceHost sh, bool allowCardspaceTokens, IList<X509Certificate2> knownissuers,
    X509CertificateValidationMode certMode, X509RevocationMode revocationMode, SamlSerializer ser )
{
  // Allow CardSpace tokens.
  sh.Credentials.IssuedTokenAuthentication.AllowUntrustedRsaIssuers = allowCardspaceTokens;

  // Set up known issuer certificates.
  foreach(X509Certificate2 cert in knownissuers)
    sh.Credentials.IssuedTokenAuthentication.KnownCertificates.Add ( cert );

  // Set issuer certificate validation and revocation checking modes.
  sh.Credentials.IssuedTokenAuthentication.CertificateValidationMode =
      X509CertificateValidationMode.PeerOrChainTrust;
  sh.Credentials.IssuedTokenAuthentication.RevocationMode = X509RevocationMode.Online;
  sh.Credentials.IssuedTokenAuthentication.TrustedStoreLocation = StoreLocation.LocalMachine;

  // Set the SamlSerializer, if one is specified.
  if ( ser != null )
    sh.Credentials.IssuedTokenAuthentication.SamlSerializer = ser;
}

' This method configures the IssuedTokenAuthentication property of a ServiceHost.
Public Shared Sub ConfigureIssuedTokenServiceCredentials( _
    ByVal sh As ServiceHost, _
    ByVal allowCardspaceTokens As Boolean, _
    ByVal knownissuers As IList(Of X509Certificate2), _
    ByVal certMode As X509CertificateValidationMode, _
    ByVal revocationMode As X509RevocationMode, _
    ByVal ser As SamlSerializer _
    )
    ' Allow CardSpace tokens.
    sh.Credentials.IssuedTokenAuthentication.AllowUntrustedRsaIssuers = _
    allowCardspaceTokens

    ' Set up known issuer certificates.
    Dim cert As X509Certificate2
    For Each cert In knownissuers
        sh.Credentials.IssuedTokenAuthentication.KnownCertificates.Add(cert)
    Next cert
    ' Set issuer certificate validation and revocation checking modes.
    sh.Credentials.IssuedTokenAuthentication.CertificateValidationMode = _
        X509CertificateValidationMode.PeerOrChainTrust
    sh.Credentials.IssuedTokenAuthentication.RevocationMode = _
    X509RevocationMode.Online

    ' Set the SamlSerializer, if one is specified.
    If Not (ser Is Nothing) Then
        sh.Credentials.IssuedTokenAuthentication.SamlSerializer = ser
    End If
End Sub

Applies to

Feedback

Was this page helpful?