Sets the certificate-validation callback.


Namespace: NetricsServerInterface
Assembly: NetricsServerInterface (in NetricsServerInterface.dll)

Syntax

Visual Basic (Declaration)
Public�Sub�setCertificateValidator(�_�
���ByVal�certValidator�As�RemoteCertificateValidationCallback�_�
)
C#
public�void�setCertificateValidator(
���RemoteCertificateValidationCallback�certValidator
)
C++
public:
void�setCertificateValidator(
���RemoteCertificateValidationCallback�certValidator
)�sealed�
J#
public�void�setCertificateValidator(
���RemoteCertificateValidationCallback�certValidator
)
JScript
public� function�setCertificateValidator(
���certValidator�:�RemoteCertificateValidationCallback
)

Parameters

certValidator
The callback used to filter validation.

Remarks

The default is DefaultCertificateValidator. A custom certificate validator is needed only in unusual circumstances. For example if a self-signed certificate is in use.

Example

A sample custom certificate validator for self-signed certificates:

Copy Code
             private static bool 
             validateSelfSignedCertificate(object sender, 
                                           X509Certificate certificate,
                                           X509Chain chain,
                                           SslPolicyErrors sslPolicyErrors)
             {
                 if (sslPolicyErrors == SslPolicyErrors.None)
                     return true;
             
                 // A self-signed certificate should have exactly one chain status entry,
                 // and that entry should be "untrusted root"
             
                 if ((sslPolicyErrors & SslPolicyErrors.RemoteCertificateChainErrors) != 0) {
                     if ((chain.ChainStatus.Length == 1) && (chain.ChainStatus[0].Status == X509ChainStatusFlags.UntrustedRoot)) {
                         // The one acceptable case
                         sslPolicyErrors -= SslPolicyErrors.RemoteCertificateChainErrors;
                     }
                     else {
                         Console.WriteLine("{0} cert chain errors", chain.ChainStatus.Length);
                         foreach (var chainStatus in chain.ChainStatus) {
                             X509ChainStatusFlags xflags = chainStatus.Status;
                             Console.WriteLine("\t" + chainStatus.Status);
                             Console.WriteLine("\t" + chainStatus.StatusInformation);
                         }
                         return false;
                     }
                 }
            
                 // Self-signed certificates likely won't match the "domain name"
                 sslPolicyErrors = sslPolicyErrors & ~SslPolicyErrors.RemoteCertificateNameMismatch;
            
                 if (sslPolicyErrors == SslPolicyErrors.None)
                     return true;
            
                 Console.WriteLine("Certificate error: {0}", sslPolicyErrors);
            
                 return false;
             }
             

See Also