EndpointIdentity.CreateX509CertificateIdentity 方法

参考

定义

命名空间:: System.ServiceModel

程序集:: System.ServiceModel.dll

重要

一些信息与预发行产品相关，相应产品在发行之前可能会进行重大修改。对于此处提供的信息，Microsoft 不作任何明示或暗示的担保。

创建一个 X509Certificate 标识。

重载

CreateX509CertificateIdentity(X509Certificate2)	使用指定的证书创建一个 X509Certificate 标识。
CreateX509CertificateIdentity(X509Certificate2, X509Certificate2Collection)	使用指定的主要支持证书创建一个 X509Certificate 标识。

注解

基于是否拥有支持证书在这两个构造函数中进行选择。

通过此标识连接到终结点的安全 WCF 客户端验证服务器提供的声明中是否具有一个包含用于构造此标识的证书指纹的声明。

CreateX509CertificateIdentity(X509Certificate2)

使用指定的证书创建一个 X509Certificate 标识。

public:
 static System::ServiceModel::EndpointIdentity ^ CreateX509CertificateIdentity(System::Security::Cryptography::X509Certificates::X509Certificate2 ^ certificate);

public static System.ServiceModel.EndpointIdentity CreateX509CertificateIdentity (System.Security.Cryptography.X509Certificates.X509Certificate2 certificate);

static member CreateX509CertificateIdentity : System.Security.Cryptography.X509Certificates.X509Certificate2 -> System.ServiceModel.EndpointIdentity

Public Shared Function CreateX509CertificateIdentity (certificate As X509Certificate2) As EndpointIdentity

参数

certificate: X509Certificate2

一个包含标识的证书的 X509Certificate2。

EndpointIdentity

一个与特定的 EndpointIdentity 关联的 X509Certificate certificate。

例外

ArgumentNullException

certificate 为 null。

示例

下面的代码演示如何调用此方法。

    // This method creates a WSFederationHttpBinding.
    public static WSFederationHttpBinding CreateWSFederationHttpBinding()
    {
        // Create an instance of the WSFederationHttpBinding.
        WSFederationHttpBinding b = new WSFederationHttpBinding();

        // Set the security mode to Message.
        b.Security.Mode = WSFederationHttpSecurityMode.Message;

        // Set the Algorithm Suite to Basic256Rsa15.
        b.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.Basic256Rsa15;

        // Set NegotiateServiceCredential to true.
        b.Security.Message.NegotiateServiceCredential = true;

        // Set IssuedKeyType to Symmetric.
        b.Security.Message.IssuedKeyType = SecurityKeyType.SymmetricKey;

        // Set IssuedTokenType to SAML 1.1.
        b.Security.Message.IssuedTokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#samlv1.1";

        // Extract the STS certificate from the certificate store.
        X509Store store = new X509Store(StoreName.TrustedPeople, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        X509Certificate2Collection certs = store.Certificates.Find(X509FindType.FindByThumbprint, "cd 54 88 85 0d 63 db ac 92 59 05 af ce b8 b1 de c3 67 9e 3f", false);
        store.Close();

        // Create an EndpointIdentity from the STS certificate.
        EndpointIdentity identity = EndpointIdentity.CreateX509CertificateIdentity(certs[0]);

        // Set the IssuerAddress using the address of the STS and the previously created EndpointIdentity.
        b.Security.Message.IssuerAddress = new EndpointAddress(new Uri("http://localhost:8000/sts/x509"), identity);

        // Set the IssuerBinding to a WSHttpBinding loaded from config
        b.Security.Message.IssuerBinding = new WSHttpBinding("Issuer");

        // Set the IssuerMetadataAddress using the metadata address of the STS and the previously created EndpointIdentity.
        b.Security.Message.IssuerMetadataAddress = new EndpointAddress(new Uri("http://localhost:8001/sts/mex"), identity);

        // Create a ClaimTypeRequirement.
        ClaimTypeRequirement ctr = new ClaimTypeRequirement("http://example.org/claim/c1", false);

        // Add the ClaimTypeRequirement to ClaimTypeRequirements.
        b.Security.Message.ClaimTypeRequirements.Add(ctr);

        // Return the created binding.
        return b;
    }
}

注解

通过此标识连接到终结点的安全 WCF 客户端验证服务器提供的声明中是否具有一个包含用于构造此标识的证书指纹的声明。

此 static 方法通过调用其构造函数 X509CertificateEndpointIdentity，并使用 X509CertificateEndpointIdentity 作为输入参数创建 certificate 的实例。

适用于

CreateX509CertificateIdentity(X509Certificate2, X509Certificate2Collection)

使用指定的主要支持证书创建一个 X509Certificate 标识。

public:
 static System::ServiceModel::EndpointIdentity ^ CreateX509CertificateIdentity(System::Security::Cryptography::X509Certificates::X509Certificate2 ^ primaryCertificate, System::Security::Cryptography::X509Certificates::X509Certificate2Collection ^ supportingCertificates);

public static System.ServiceModel.EndpointIdentity CreateX509CertificateIdentity (System.Security.Cryptography.X509Certificates.X509Certificate2 primaryCertificate, System.Security.Cryptography.X509Certificates.X509Certificate2Collection supportingCertificates);

static member CreateX509CertificateIdentity : System.Security.Cryptography.X509Certificates.X509Certificate2 * System.Security.Cryptography.X509Certificates.X509Certificate2Collection -> System.ServiceModel.EndpointIdentity

Public Shared Function CreateX509CertificateIdentity (primaryCertificate As X509Certificate2, supportingCertificates As X509Certificate2Collection) As EndpointIdentity

参数

primaryCertificate: X509Certificate2

一个包含标识的主要证书的 X509Certificate2。

supportingCertificates: X509Certificate2Collection

一个包含标识的支持证书的 X509Certificate2Collection。

EndpointIdentity

通过此标识连接到终结点的安全 WCF 客户端验证服务器提供的声明中是否具有一个包含用于构造此标识的证书指纹的声明。

EndpointIdentity与指定primaryCertificate和 supportingCertificates.

例外

ArgumentNullException

primaryCertificate 或 supportingCertificates 为 null。

注解

此静态方法通过调用其构造函数 X509CertificateEndpointIdentity，并使用 X509CertificateEndpointIdentity 和 primaryCertificate 作为输入参数创建 supportingCertificates 的实例。

适用于

通过

EndpointIdentity.CreateX509CertificateIdentity 方法

定义

重载

注解

CreateX509CertificateIdentity(X509Certificate2)

参数

返回

例外

示例

注解

适用于

CreateX509CertificateIdentity(X509Certificate2, X509Certificate2Collection)

参数

返回

例外

注解

适用于

其他资源