RemoteCertificateValidationCallback Delegate
Definition
Verifies the remote Secure Sockets Layer (SSL) certificate used for authentication.
public delegate bool RemoteCertificateValidationCallback(System::Object ^ sender, X509Certificate ^ certificate, X509Chain ^ chain, SslPolicyErrors sslPolicyErrors);
public delegate bool RemoteCertificateValidationCallback(object sender, X509Certificate? certificate, X509Chain? chain, SslPolicyErrors sslPolicyErrors);
public delegate bool RemoteCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors);
type RemoteCertificateValidationCallback = delegate of obj * X509Certificate * X509Chain * SslPolicyErrors -> bool
Public Delegate Function RemoteCertificateValidationCallback(sender As Object, certificate As X509Certificate, chain As X509Chain, sslPolicyErrors As SslPolicyErrors) As Boolean
Parameters
- sender: Object
  An object that contains state information for this validation.
- certificate: X509Certificate
  The certificate used to authenticate the remote party.
- chain: X509Chain
  The chain of certificate authorities associated with the remote certificate.
- sslPolicyErrors: SslPolicyErrors
  One or more errors associated with the remote certificate.
Return Value
A Boolean value that determines whether the specified certificate is accepted for authentication.
Examples
The following code example implements a method that's invoked by an instance of the RemoteCertificateValidationCallback delegate. If there are validation errors, this method displays them and returns false, which prevents communication with the unauthenticated server.
// The following method is invoked by the RemoteCertificateValidationCallback delegate.
public static bool ValidateServerCertificate(
    object sender,
    X509Certificate certificate,
    X509Chain chain,
    SslPolicyErrors sslPolicyErrors)
{
    if (sslPolicyErrors == SslPolicyErrors.None)
        return true;

    Console.WriteLine("Certificate error: {0}", sslPolicyErrors);

    // Do not allow this client to communicate with unauthenticated servers.
    return false;
}
The following code example creates the delegate using the method defined in the preceding code example.
// Create a TCP/IP client socket.
// machineName is the host running the server application.
TcpClient client = new TcpClient(machineName, 5000);
Console.WriteLine("Client connected.");
// Create an SSL stream that will close the client's stream.
SslStream sslStream = new SslStream(
    client.GetStream(),
    false, // leaveInnerStreamOpen
    new RemoteCertificateValidationCallback(ValidateServerCertificate),
    null
    );
// The server name must match the name on the server certificate.
try
{
    sslStream.AuthenticateAsClient(serverName);
}
catch (AuthenticationException e)
{
    Console.WriteLine("Exception: {0}", e.Message);
    if (e.InnerException != null)
    {
        Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
    }
    Console.WriteLine("Authentication failed - closing the connection.");
    client.Close();
    return;
}
Remarks
The delegate's sslPolicyErrors argument contains any certificate errors returned by SSPI while authenticating the client or server. The Boolean value returned by the method invoked by this delegate determines whether the authentication is allowed to succeed.
This delegate is used with the SslStream class.
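Because the callback's return value alone decides whether authentication succeeds, a callback that tolerates any error must do so narrowly. The following is an added example, not part of the original documentation: a callback for servers issued by a private CA that overrides chain errors only when the chain rebuilds to a pinned root. It assumes .NET 5 or later; PinnedRootValidation, Create and pinnedRoot are hypothetical names.

```csharp
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

public static class PinnedRootValidation
{
    // Hypothetical helper (not a .NET API): returns a callback that trusts
    // only chains ending at pinnedRoot, for servers issued by a private CA.
    public static RemoteCertificateValidationCallback Create(X509Certificate2 pinnedRoot)
    {
        return (sender, certificate, chain, sslPolicyErrors) =>
        {
            // Platform validation already succeeded.
            if (sslPolicyErrors == SslPolicyErrors.None)
                return true;

            // SslPolicyErrors is a flags enum. Anything other than chain errors
            // alone (name mismatch, missing certificate) is never overridden.
            if (certificate is null ||
                sslPolicyErrors != SslPolicyErrors.RemoteCertificateChainErrors)
                return false;

            using var pinnedChain = new X509Chain();
            pinnedChain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
            pinnedChain.ChainPolicy.CustomTrustStore.Add(pinnedRoot);

            // Reuse the intermediates the server sent so the path can be built.
            if (chain != null)
            {
                foreach (X509ChainElement element in chain.ChainElements)
                    pinnedChain.ChainPolicy.ExtraStore.Add(element.Certificate);
            }

            // Build returns true only if the path is valid and ends at pinnedRoot.
            using var leaf = new X509Certificate2(certificate);
            return pinnedChain.Build(leaf);
        };
    }
}
```

Pass the result of PinnedRootValidation.Create(root) as the third SslStream constructor argument in place of ValidateServerCertificate.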
Extension Methods
GetMethodInfo(Delegate): Gets an object that represents the method represented by the specified delegate.