Where do I get my WCF service to handle X509 certificates? C#.NET

Question

Hello all I've knocked up a WCFservice and a client. I also have a class to validated X509 certificates.

Here is a snippet of the Web.config file of the service:

<behavior name="HelloWorldWFC2.Service1Behavior">
 <serviceCredentials>
  <serviceCertificate findValue="Service"
       x509FindType="FindBySubjectName"
       storeLocation="CurrentUser"
       storeName="My" />

  <clientCertificate>
   <authentication certificateValidationMode="Custom"
       customCertificateValidatorType="type" />
  </clientCertificate>
 </serviceCredentials>
</behavior>

But I don't know where to handle the receiving of certificates? I assume there is something I specficially have to overwrite because apparently not handling them allows anything to connect etc. etc.

Any help most appreciated :)

Answer 1

That customCertificateValidatorType attribute allows you to specify the full name of a class that derives from X509CertificateValidator and decides if it wants to accept the certificate or not. There's an example of this in the WCF documentation.

Notice that if you don't want/need that, then you can set certificateValidationMode to one of the other possible values to have the certificate be checked automatically against a certificate store.