CertificateSourceKind Enum
Namespace: System.Net.Security
Assembly: System.Net.Security.dll
Enum Value
Specifies the source of a client certificate.
| Member name | Description |
|---|---|
| Unknown | The certificate source is unknown. |
| Hash | The certificate is stored in the certificate store and identified by its hash. |
| Path | The certificate is located in a file. |
| SubjectName | The certificate is identified by its subject name. |
Remarks
The CertificateSourceKind enumeration is used to indicate where a client certificate can be found. This is particularly relevant when configuring client authentication for secure network connections, such as those using TLS/SSL.
When a server requests a client certificate, the client application can specify the source of the certificate using one of the values from this enumeration. For example:
CertificateSourceKind.Hashis useful when you have the thumbprint or hash of a certificate that is already installed in the Windows certificate store.CertificateSourceKind.Pathis used when the certificate is stored in a file (e.g., a.pfxor.cerfile).CertificateSourceKind.SubjectNamecan be used to locate a certificate based on its subject name, although this is less common for direct programmatic use due to potential ambiguity.
The Unknown value indicates that the source of the certificate is not specified or is not applicable.
Requirements
| Component | Version |
|---|---|
| Supported in: | .NET Framework 4.5, .NET Core 1.0, .NET Standard 1.3, UWP 10.0 |
| Platform | Windows, macOS, Linux |
See Also
Example
The following example demonstrates how to specify a client certificate from a file path.
// This example assumes a certificate file named "client.pfx" exists.
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
public class CertificateExample
{
public static void Main(string[] args)
{
// Replace with the actual path to your certificate file
string certificatePath = @"C:\Certificates\client.pfx";
string certificatePassword = "YourPassword";
try
{
// Load the certificate from the file
X509Certificate2 clientCertificate = new X509Certificate2(certificatePath, certificatePassword);
// Create an HttpClient with the client certificate
HttpClientHandler handler = new HttpClientHandler();
handler.ClientCertificateOptions = ClientCertificateOption.Manual;
handler.SslProtocols = System.Security.Authentication.SslProtocols.Tls12; // Specify desired TLS version
// Although not directly using CertificateSourceKind here,
// the X509Certificate2 object loaded from a path represents
// a certificate identified by its source.
// In a more complex scenario, you might use CertificateSourceKind
// to determine how to obtain the certificate.
CertificateSourceKind sourceKind = CertificateSourceKind.Path;
// For demonstration, we'll just assign the loaded certificate.
handler.ClientCertificates.Add(clientCertificate);
using (HttpClient client = new HttpClient(handler))
{
// Configure the callback for server certificate validation if needed
// client.BaseAddress = new Uri("https://your-secure-server.com");
// var response = await client.GetAsync("/");
// Console.WriteLine($"Response: {response.StatusCode}");
Console.WriteLine("HttpClient configured with client certificate.");
}
}
catch (Exception ex)
{
Console.WriteLine($"An error occurred: {ex.Message}");
}
}
}