System.Net.Security.CertificateMode Enum
Specifies how the X.509 certificate is provided to the SSL/TLS client or server.
Declaration
public enum CertificateModeRemarks
The CertificateMode enumeration is used by the SslStream class to determine how the X.509 certificate is handled during the SSL/TLS handshake. This enum is crucial for configuring the security context of network communication when using protocols like HTTPS or FTPS.
Different security requirements necessitate different approaches to certificate provision. For example, a server might require a certificate to prove its identity, while a client might also present a certificate for mutual authentication. The CertificateMode enum allows developers to explicitly define these behaviors.
When creating an SslStream, you can specify the CertificateMode to control whether the server should request a client certificate, whether it should use a server certificate, or both.
Members
| Member name | Description | 0
|---|---|
SendCertificateOnly |
The server sends its certificate to the client. This is the most common mode for servers that need to authenticate themselves to clients. |
RequestCertificate |
The server requests a certificate from the client. This is used for mutual authentication, where both the client and server need to prove their identities. |
AllowCertificate |
The server allows the client to send a certificate but does not require it. If the client sends a certificate, it is validated. This is useful for optional client authentication. |
Requirements
Namespace: System.Net.Security
Assembly: System.Net.Security.dll