Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Specifies an X.509 certificate to be used when a service or STS does not provide one via a negotiation protocol.
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior> of <endpointBehaviors>
<clientCredentials>
<serviceCertificate> of <serviceCredentials>
<defaultCertificate findValue="String"
storeLocation=" CurrentUser/LocalMachine"
storeName="AddressBook/AuthRoot/CertificateAuthority/Disallowed/My/Root/TrustedPeople/TrustedPublisher"
x509FindType="FindByThumbPrint/FindBySubjectName/FindBySubjectDistinguishedName/FindByIssuerName/FindByIssuerDistinguishedName/FindBySerialiNumber/FindByTimeValid/FindByTimeNotYetValid/FindByTimeExpired/FindByTemplateName/FindByApplicationPolicy/FindByCertificatePolicy/FindByExtension/FindByKeyUsage/FindBySubjectKeyIdentifier" />
Attributes and Elements
The following sections describe attributes, child elements, and parent elements
Attributes
| Attribute | Description |
|---|---|
findValue |
String. The value to search for. |
x509FindType |
Enumeration. One of the certificate fields to search. |
storeLocation |
Enumeration. One of the two system store locations to search. |
storeName |
Enumeration. One of the system stores to search. |
findValue Attribute
| Value | Description |
|---|---|
String |
The value depends on the field (specified by the X509FindType attribute) being searched. For example, if searching for a thumbprint, the value must be a string of hexadecimal numbers. |
x509FindType Attribute
| Value | Description |
|---|---|
Enumeration |
Values include: FindByThumbprint, FindBySubjectName, FindBySubjectDistinguishedName, FindByIssuerName, FindByIssuerDistinguishedName, FindBySerialNumber, FindByTimeValid, FindByTimeNotYetValid, FindBySerialNumber, FindByTimeExpired, FindByTemplateName, FindByApplicationPolicy, FindByCertificatePolicy, FindByExtension, FindByKeyUsage, FindBySubjectKeyIdentifier. |
storeLocation Attribute
| Value | Description |
|---|---|
Enumeration |
CurrentUser or LocalMachine. |
storeName Attribute
| Value | Description |
|---|---|
Enumeration |
Values include: AddressBook, AuthRoot, CertificateAuthority, Disallowed, My, Root, TrustedPeople, and TrustedPublisher. |
Child Elements
None.
Parent Elements
| Element | Description |
|---|---|
Specifies a certificate to use when authenticating a service to the client. |
Example
The following example specifies a certificate to use for endpoints whose URI begins with https://www.contoso.com and a certificate to use for all other endpoints that do not perform certificate negotiation.
<serviceCertificate>
<defaultCertificate findValue="www.contoso.com"
storeLocation="LocalMachine"
storeName="TrustedPeople"
x509FindType="FindByIssuerDistinguishedName" />
<scopedCertificates>
<add targetUri="https://www.contoso.com"
findValue="www.contoso.com" storeLocation="LocalMachine"
storeName="Root" x509FindType="FindByIssuerName" />
</scopedCertificates>
<authentication revocationMode="Online"
trustedStoreLocation="LocalMachine" />
</serviceCertificate>
See Also
Reference
<authentication> of <clientCertificate> Element
Other Resources
.gif)
Send comments about this topic to Microsoft.
© Microsoft Corporation. All rights reserved.