X509ClientCertificateAuthentication.RevocationMode Propriedade
Definição
Obtém ou define o modo de revogação de certificado para a validação de certificado ChainTrust e PeerOrChainTrust X.509.Gets or sets the certificate revocation mode for ChainTrust and PeerOrChainTrust X.509 certificate validation.
public:
property System::Security::Cryptography::X509Certificates::X509RevocationMode RevocationMode { System::Security::Cryptography::X509Certificates::X509RevocationMode get(); void set(System::Security::Cryptography::X509Certificates::X509RevocationMode value); };
public System.Security.Cryptography.X509Certificates.X509RevocationMode RevocationMode { get; set; }
member this.RevocationMode : System.Security.Cryptography.X509Certificates.X509RevocationMode with get, set
Public Property RevocationMode As X509RevocationMode
Valor da propriedade
Um dos valores em X509RevocationMode: NoCheck, Online ou Offline.One of the values in X509RevocationMode: NoCheck, Online, or Offline. O padrão é Online.The default is Online.
Exceções
set quando a credencial for somente leitura.set when credential is read-only.
Exemplos
O código a seguir mostra como definir essa propriedade.The following code shows how to set this property.
// Create a service host.
Uri httpUri = new Uri("http://localhost/Calculator");
ServiceHost sh = new ServiceHost(typeof(Calculator), httpUri);
// Create a binding that uses a certificate.
WSHttpBinding b = new WSHttpBinding(SecurityMode.Message);
b.Security.Message.ClientCredentialType =
MessageCredentialType.Certificate;
// Get a reference to the authentication object.
X509ClientCertificateAuthentication myAuthProperties =
sh.Credentials.ClientCertificate.Authentication;
// Configure ChainTrust with no revocation check.
myAuthProperties.CertificateValidationMode =
X509CertificateValidationMode.ChainTrust;
myAuthProperties.RevocationMode = X509RevocationMode.NoCheck;
' Create a service host.
Dim httpUri As New Uri("http://localhost/Calculator")
Dim sh As New ServiceHost(GetType(Calculator), httpUri)
' Create a binding that uses a certificate.
Dim b As New WSHttpBinding(SecurityMode.Message)
b.Security.Message.ClientCredentialType = _
MessageCredentialType.Certificate
' Get a reference to the authentication object.
Dim myAuthProperties As X509ClientCertificateAuthentication = _
sh.Credentials.ClientCertificate.Authentication
' Configure ChainTrust with no revocation check.
myAuthProperties.CertificateValidationMode = _
X509CertificateValidationMode.ChainTrust
myAuthProperties.RevocationMode = X509RevocationMode.NoCheck
A propriedade também pode ser definida em um arquivo de configuração.The property can also be set in a configuration file.
<serviceCredentials>
<clientCertificate>
<authentication certificateValidationMode='ChainTrust' revocationMode = 'NoCheck'/>
</clientCertificate>
</serviceCredentials>
Comentários
Ao usar certificados, o sistema valida que o certificado do cliente não foi revogado, verificando se o certificado do cliente não está na lista de certificados revogados.When using certificates, the system validates that the client certificate is not revoked, by checking that the client certificate is not in the revoked certificate list. Essa verificação pode ser executada marcando online ou verificando em relação a uma lista de revogação armazenada em cache.This check can be performed either by checking online or by checking against a cached revocation list. A verificação de revogação pode ser desativada definindo essa propriedade como NoCheck .Revocation checking can be turned off by setting this property to NoCheck.
Para obter mais informações, consulte trabalhando com certificados.For more information, see Working with Certificates.