public static void SetServerCertificateValidationCallback(ServiceModelHttpMessageHandler handler)
{
if (!handler.SupportsClientCertificates)
{
throw ExceptionHelper.PlatformNotSupported("Server certificate validation not supported yet");
}
handler.ServerCertificateValidationCallback =
ChainValidator(handler.ServerCertificateValidationCallback);
}
internal override ServiceModelHttpMessageHandler GetHttpMessageHandler(EndpointAddress to, SecurityTokenContainer clientCertificateToken)
{
ServiceModelHttpMessageHandler handler = base.GetHttpMessageHandler(to, clientCertificateToken);
if (RequireClientCertificate)
{
SetCertificate(handler, clientCertificateToken);
}
AddServerCertMappingOrSetRemoteCertificateValidationCallback(handler, to);
return(handler);
}
private static void SetCertificate(ServiceModelHttpMessageHandler handler, SecurityTokenContainer clientCertificateToken)
{
if (clientCertificateToken != null)
{
if (!handler.SupportsClientCertificates)
{
throw ExceptionHelper.PlatformNotSupported("Client certificates not supported yet");
}
X509SecurityToken x509Token = (X509SecurityToken)clientCertificateToken.Token;
handler.ClientCertificates.Add(x509Token.Certificate);
}
}
private void AddServerCertMappingOrSetRemoteCertificateValidationCallback(ServiceModelHttpMessageHandler messageHandler, EndpointAddress to)
{
Fx.Assert(messageHandler != null, "httpMessageHandler should not be null.");
if (_sslCertificateValidator != null)
{
if (!messageHandler.SupportsClientCertificates)
{
throw ExceptionHelper.PlatformNotSupported("Client certificates not supported yet");
}
messageHandler.ServerCertificateValidationCallback = _remoteCertificateValidationCallback;
}
else
{
HttpTransportSecurityHelpers.SetServerCertificateValidationCallback(messageHandler);
}
}