<peerAuthentication> Element
Specifies authentication options for peer-to-peer clients.
For more information about peer-to-peer programming, see Peer to Peer Networking.
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior> of <endpointBehaviors>
<clientCredentials>
<peer> of <clientCredentials> Element
<peerAuthentication
customCertificateValidatorType = "namespace.typeName, [,AssemblyName] [,Version=version number] [,Culture=culture] [,PublicKeyToken=token]"
certificateValidationMode = "ChainTrust/None/PeerTrust/PeerOrChainTrust/Custom"
revocationMode="NoCheck/Online/Offline"
trustedStoreLocation="CurrentUser/LocalMachine"
/>
Attributes and Elements
The following sections describe attributes, child elements, and parent elements
Attributes
| Attribute | Description |
|---|---|
customCertificateValidatorType |
Optional string. A type and assembly used to validate a custom type. This attribute must be set when certificateValidationMode is set to Custom. |
certifcateValidationMode |
Optional enumeration. Specifies one of three modes used to validate credentials. If set to Custom, then a customCertificateValidator must also be supplied. The default is ChainTrust. |
revocationMode |
Optional enumeration. One of the modes used to check for a revoked certificate lists (CRL). The default is Online. |
trustedStoreLocation |
Optional enumeration. One of the two system store locations: LocalMachine or CurrentUser. This value is used when a service certificate is negotiated to the client. Validation is performed against the Trusted People store in the specified store location. The default is CurrentUser. |
customCertificateValidatorType Attribute
| Value | Description |
|---|---|
String |
Specifies the type name and assembly and other data used to find the type. At minimum, a namespace and type name are required. Optional information includes: assembly name, version number, culture, and public key token. |
certificateValidationMode Attribute
| Value | Description |
|---|---|
Enumeration |
One of the following values: None, PeerTrust, ChainTrust, PeerOrChainTrust, Custom. The default is ChainTrust. For more information, see Working with Certificates. |
revocationMode Attribute
| Value | Description |
|---|---|
Enumeration |
One of the following values: NoCheck, Online, Offline. The default is Online. For more information, see Working with Certificates. |
trustedStoreLocation Attribute
| Value | Description |
|---|---|
Enumeration |
One of the following values: LocalMachine or CurrentUser. The default is CurrentUser. If the client application is running under a system account then the certificate is typically under LocalMachine. If the client application is running under a user account then the certificate is typically in CurrentUser. |
Child Elements
None.
Parent Elements
| Element | Description |
|---|---|
Specifies a credential used for authenticating the client to a peer service. |
Text Value
Insert content here.
Remarks
The <authentication> element corresponds to the X509PeerCertificateAuthentication class.
Example
The following code sets the certificate validation mode to PeerOrChainTrust.
<behaviors>
<endpointBehaviors>
<behavior name="MyEndpointBehavior">
<clientCredentials>
<peer>
<certificate findValue="www.contoso.com"
storeLocation="LocalMachine"
x509FindType="FindByIssuerName" />
<peerAuthentication
certificateValidationMode="PeerOrChainTrust" />
<messageSenderAuthentication certificateValidationMode="None" />
</peer>
</clientCredentials>
</behavior>
</endpointBehaviors>
See Also
Reference
X509PeerCertificateAuthenticationElement
PeerCredentialElement
Other Resources
Working with Certificates
Peer to Peer Networking
.gif)
Send comments about this topic to Microsoft.
© Microsoft Corporation. All rights reserved.