X509CertificateValidator Class

Definition

Validates an X.509 certificate.

public ref class X509CertificateValidator abstract
public ref class X509CertificateValidator abstract : System::IdentityModel::Configuration::ICustomIdentityConfiguration
public abstract class X509CertificateValidator
public abstract class X509CertificateValidator : System.IdentityModel.Configuration.ICustomIdentityConfiguration
type X509CertificateValidator = class
type X509CertificateValidator = class
    interface ICustomIdentityConfiguration
Public MustInherit Class X509CertificateValidator
Public MustInherit Class X509CertificateValidator
Implements ICustomIdentityConfiguration
Inheritance
X509CertificateValidator
Derived
Implements

Examples

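using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;

public class MyX509CertificateValidator : X509CertificateValidator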
{
    string allowedIssuerName;
    public MyX509CertificateValidator(string allowedIssuerName)
    {
        if (allowedIssuerName == null)
        {
            throw new ArgumentNullException("allowedIssuerName");
        }

        this.allowedIssuerName = allowedIssuerName;
    }
    public override void Validate(X509Certificate2 certificate)
    {
        // Check that there is a certificate.
        if (certificate == null)
        {
            throw new ArgumentNullException("certificate");
        }

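        // Check that the certificate issuer matches the configured issuer.
        // This compares the issuer distinguished name as a string only;
        // it does not verify the certificate's signature chain.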
        if (allowedIssuerName != certificate.IssuerName.Name)
        {
            throw new SecurityTokenValidationException
              ("Certificate was not issued by a trusted issuer");
        }
    }
}

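Imports System
Imports System.IdentityModel.Selectors
Imports System.IdentityModel.Tokens
Imports System.Security.Cryptography.X509Certificates

Public Class MyX509CertificateValidator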
    Inherits X509CertificateValidator
    Private allowedIssuerName As String

    Public Sub New(ByVal allowedIssuerName As String)
        If allowedIssuerName Is Nothing Then
            Throw New ArgumentNullException("allowedIssuerName")
        End If

        Me.allowedIssuerName = allowedIssuerName

    End Sub

    Public Overrides Sub Validate(ByVal certificate As X509Certificate2)
        ' Check that there is a certificate.
        If certificate Is Nothing Then
            Throw New ArgumentNullException("certificate")
        End If

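        ' Check that the certificate issuer matches the configured issuer.
        ' This compares the issuer distinguished name as a string only;
        ' it does not verify the certificate's signature chain.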
        If allowedIssuerName <> certificate.IssuerName.Name Then
            Throw New SecurityTokenValidationException("Certificate was not issued by a trusted issuer")
        End If

    End Sub
End Class

Remarks

Use the X509CertificateValidator class to specify how an X.509 certificate is deemed valid. This can be done by deriving a class from X509CertificateValidator and overriding the Validate method.
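
The sample above accepts any certificate whose issuer name string equals the configured value, which on its own does not show that the named issuer signed it. The following C# validator is an added example, not part of the original documentation: it builds and verifies the trust chain first and then requires a specific CA certificate in that chain. The class name PinnedIssuerCertificateValidator and the trustedCaThumbprint parameter are hypothetical.

```csharp
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;

// Added example (not from the original page): chain validation plus CA pinning.
public class PinnedIssuerCertificateValidator : X509CertificateValidator
{
    // Hypothetical input: thumbprint of the CA certificate allowed to issue peer certificates.
    private readonly string trustedCaThumbprint;

    public PinnedIssuerCertificateValidator(string trustedCaThumbprint)
    {
        if (trustedCaThumbprint == null)
            throw new ArgumentNullException("trustedCaThumbprint");
        this.trustedCaThumbprint = trustedCaThumbprint.Replace(" ", string.Empty);
    }

    public override void Validate(X509Certificate2 certificate)
    {
        if (certificate == null)
            throw new ArgumentNullException("certificate");

        X509Chain chain = new X509Chain();
        try
        {
            // Check revocation status online while building the chain.
            chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;

            // Build() returns true only if the chain validates against the policy.
            if (!chain.Build(certificate))
                throw new SecurityTokenValidationException("Certificate chain could not be validated");

            // Element 0 is the presented certificate; its issuers follow it.
            for (int i = 1; i < chain.ChainElements.Count; i++)
            {
                string thumbprint = chain.ChainElements[i].Certificate.Thumbprint;
                if (string.Equals(thumbprint, trustedCaThumbprint, StringComparison.OrdinalIgnoreCase))
                    return;
            }
            throw new SecurityTokenValidationException("Certificate was not issued by the pinned CA");
        }
        finally
        {
            chain.Reset(); // clear the chain state once validation is finished
        }
    }
}
```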

Constructors

X509CertificateValidator()

Initializes a new instance of the X509CertificateValidator class.

Properties

ChainTrust

Gets a validator that validates the X.509 certificate using a trust chain.

None

Gets a validator that performs no validation on the X.509 certificate. As a result, the X.509 certificate is always considered valid.

PeerOrChainTrust

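Gets a validator that verifies that the certificate is in the TrustedPeople certificate store or that verifies it by building a certificate trust chain. The certificate is deemed trusted if it passes either validation method.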

PeerTrust

Gets a validator that verifies that the certificate is in the TrustedPeople certificate store.

Methods

CreateChainTrustValidator(Boolean, X509ChainPolicy)

Gets a validator that verifies the X.509 certificate by specifying the context and chain policy used to build and validate a trust chain.

CreatePeerOrChainTrustValidator(Boolean, X509ChainPolicy)

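Gets a validator that verifies that the certificate is in the TrustedPeople certificate store or that verifies it by building a certificate trust chain with the specified context and chain policy. The certificate is deemed trusted if it passes either validation method.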

Equals(Object)

Determines whether the specified object is equal to the current object.

(Inherited from Object)

GetHashCode()

Serves as the default hash function.

(Inherited from Object)

GetType()

Gets the Type of the current instance.

(Inherited from Object)

LoadCustomConfiguration(XmlNodeList)

When overridden in a derived class, loads custom configuration from XML.

MemberwiseClone()

Creates a shallow copy of the current Object.

(Inherited from Object)

ToString()

Returns a string that represents the current object.

(Inherited from Object)

Validate(X509Certificate2)

When overridden in a derived class, validates the X.509 certificate.

Applies to