Hi,
How can I turn off certificate revocation for a WCF service's client? The client proxy was generated by wsdl.exe and inherits SoapHttpClientProtocol.
+4
A:
I think you're looking for ServicePointManager.ServerCertificateValidationCallback:
Which takes a RemoteCertificateValidationCallback Delegate:
http://msdn.microsoft.com/en-gb/library/system.net.security.remotecertificatevalidationcallback.aspx
I've never dealt with a revoked certificate (other issues such as expired) before but I'm guessing you'd just do something like:
class Program
{
static void Main(string[] args)
{
ServicePointManager.ServerCertificateValidationCallback +=
new RemoteCertificateValidationCallback(ValidateCertificate);
// Do WCF calls...
}
public static bool ValidateCertificate(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
if(sslPolicyErrors == SslPolicyErrors.RemoteCertificateChainErrors)
{
foreach(X509ChainStatus chainStatus in chain.ChainStatus)
{
if(chainStatus.Status == X509ChainStatusFlags.Revoked)
{
return true;
}
}
}
return false;
}
}
Kev
2008-10-15 09:57:59
+1
A:
You can set certificate validation and revocation options in the config file for your application:
http://www.request-response.com/blog/PermaLink,guid,e9bb929b-d0b4-4626-b302-1d2715fc344a.aspx
jezell
2008-10-15 14:23:21