System.Net.Security.CertificateNegotiation Class

Provides a managed way to perform X.509 certificate-based authentication. This class is used to negotiate client and server certificates in secure communication protocols like TLS/SSL.

Introduction

The System.Net.Security.CertificateNegotiation class is a crucial component for establishing secure network connections in applications built with the .NET Framework. It abstracts the complexities of the underlying security protocols, allowing developers to focus on authenticating parties involved in a communication. This class plays a key role in scenarios requiring mutual authentication, where both the client and server present and validate X.509 certificates.

Syntax

public static class CertificateNegotiation

This is a static class, meaning all its members are accessed through the class name itself without requiring an instance of the class.

Inheritance Hierarchy

Members

Properties

• public static System.Security.Cryptography.X509Certificates.X509CertificateCollection ClientCertificates { get; }

  Gets the collection of client certificates that will be sent to the server.

• public static System.Security.Cryptography.X509Certificates.X509CertificateCollection Target { get; }

  Gets or sets the target server that the client is attempting to authenticate.

Methods

• public static bool AllowAnyClientCert()

  Indicates that any client certificate is acceptable for authentication.

• public static bool AllowAnyRSASignature()

  Indicates that any RSA signature is acceptable for client authentication.

• public static bool AllowAnyServerCert()

  Indicates that any server certificate is acceptable for authentication.

• public static bool CreateClientIdentity(System.Security.Cryptography.X509Certificates.X509Certificate certificate)

  Creates a client identity using the specified certificate.

• public static bool CreateServerIdentity(System.Security.Cryptography.X509Certificates.X509Certificate certificate)

  Creates a server identity using the specified certificate.

• public static System.Security.Cryptography.X509Certificates.X509Certificate SelectClientCertificate(System.Security.Cryptography.X509Certificates.X509CertificateCollection acceptableCertificates, System.Security.Cryptography.X509Certificates.X509CertificateRootStoreType rootStoreType)

  Selects a client certificate from the specified collection that is trusted by the specified root store.

• public static System.Security.Cryptography.X509Certificates.X509Certificate SelectServerCertificate(System.Security.Cryptography.X509Certificates.X509CertificateCollection acceptableCertificates, System.Security.Cryptography.X509Certificates.X509CertificateRootStoreType rootStoreType)

  Selects a server certificate from the specified collection that is trusted by the specified root store.

Requirements

Assembly: System.Net.dll
Namespace: System.Net.Security
Platform: .NET Framework 2.0 and later versions.

See Also

• System.Net.Security Namespace
• X509Certificate Class
• TcpClient Class
• SslStream Class