static void ValidatePrivateKey(X509Certificate2 certificate)
{
bool hasPrivateKey = false;
try
{
if (System.ServiceModel.LocalAppContextSwitches.DisableCngCertificates)
{
hasPrivateKey = certificate != null && certificate.PrivateKey != null;
}
else
{
hasPrivateKey = certificate.HasPrivateKey && SecurityUtils.CanReadPrivateKey(certificate);
}
}
catch (SecurityException e)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(SR.GetString(SR.SslCertMayNotDoKeyExchange, certificate.SubjectName.Name), e));
}
catch (CryptographicException e)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(SR.GetString(SR.SslCertMayNotDoKeyExchange, certificate.SubjectName.Name), e));
}
if (!hasPrivateKey)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(SR.GetString(SR.SslCertMustHavePrivateKey, certificate.SubjectName.Name)));
}
}