<clientCertificate> of <clientCredentials> Element
Defines an X.509 certificate used to authenticate a client to a service.
<configuration>
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior>
<clientCredentials>
<clientCertificate>
Syntax
<clientCertificate findValue="String"
storeLocation="LocalMachine/CurrentUser"
storeName="AddressBook/AuthRoot/CertificateAuthority/Disallowed/My/Root/TrustedPeople/TrustedPublisher"
x509FindType="FindByThumbPrint/FindBySubjectName/FindBySubjectDistinguishedName/FindByIssuerName/FindByIssuerDistinguishedName/FindBySerialNumber/FindByTimeValid/FindByTimeNotYetValid/FindByTemplateName/FindByApplicationPolicy/FindByCertificatePolicy/FindByExtension/FindByKeyUsage/FindBySubjectKeyIdentifier" />
Attributes and Elements
The following sections describe attributes, child elements, and parent elements
Attributes
Attribute | Description |
---|---|
findValue |
A string that contains the value to search for in the X.509 certificate store. The type contained in the attribute must satisfy the requirements of the x509FindType attribute value. The default is an empty string. |
storeLocation |
Specifies the location of the X.509 certificate that the client uses to authenticate itself to the service. Valid values include the following: - LocalMachine: the certificate store assigned to the local machine. - CurrentUser: the certificate store assigned to the current user. The default is LocalMachine. This attribute is of type StoreLocation. |
storeName |
Specifies the name of the X.509 certificate store to search. Valid values include the following: - AddressBook: Certificate store for other users. - AuthRoot: Certificate store for third-party certificate authorities (CAs). - CertificateAuthority: Certificate store for intermediate certificate authorities (CAs). - Disallowed: Certificate store for revoked certificates. - My: Certificate store for personal certificates. - Root: Certificate store for trusted root certificate authorities (CAs). - TrustedPeople: Certificate store for directly trusted people and resources. - TrustedPublisher: Certificate store for directly trusted publishers. The default is My. This attribute is of type StoreName. |
x509FindType | Defines the type of X.509 search to be executed. The type contained in the findValue attribute must satisfy the requirements of this attribute. Valid values include the following:- FindByThumbPrint - FindBySubjectName - FindBySubjectDistinguishedName - FindByIssuerName - FindByIssuerDistinguishedName - FindBySerialNumber - FindByTimeValid - FindByTimeNotYetValid - FindByTemplateName - FindByApplicationPolicy - FindByCertificatePolicy - FindByExtension - FindByKeyUsage - FindBySubjectKeyIdentifier The default value is FindBySubjectDistinguishedName. This attribute is of type X509FindType. |
Child Elements
None.
Parent Elements
Element | Description |
---|---|
<clientCredentials> | Specifies the credentials used to authenticate the client to a service. |
Remarks
This configuration element specifies the certificate used to authenticate the client with this element. For more information, see How to: Specify Client Credential Values.
See also
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.