Partager via


LocalCertificateSelectionCallback Délégué

Définition

Sélectionne le certificat SSL (Secure Sockets Layer) local utilisé pour l'authentification.

public delegate System::Security::Cryptography::X509Certificates::X509Certificate ^ LocalCertificateSelectionCallback(System::Object ^ sender, System::String ^ targetHost, X509CertificateCollection ^ localCertificates, X509Certificate ^ remoteCertificate, cli::array <System::String ^> ^ acceptableIssuers);
public delegate System.Security.Cryptography.X509Certificates.X509Certificate LocalCertificateSelectionCallback(object sender, string targetHost, X509CertificateCollection localCertificates, X509Certificate? remoteCertificate, string[] acceptableIssuers);
public delegate System.Security.Cryptography.X509Certificates.X509Certificate LocalCertificateSelectionCallback(object sender, string targetHost, X509CertificateCollection localCertificates, X509Certificate remoteCertificate, string[] acceptableIssuers);
type LocalCertificateSelectionCallback = delegate of obj * string * X509CertificateCollection * X509Certificate * string[] -> X509Certificate
Public Delegate Function LocalCertificateSelectionCallback(sender As Object, targetHost As String, localCertificates As X509CertificateCollection, remoteCertificate As X509Certificate, acceptableIssuers As String()) As X509Certificate 

Paramètres

sender
Object

Objet contenant les informations d'état de cette validation.

targetHost
String

Serveur hôte spécifié par le client.

localCertificates
X509CertificateCollection

X509CertificateCollection qui contient des certificats locaux.

remoteCertificate
X509Certificate

Certificat utilisé pour authentifier le tiers distant.

acceptableIssuers
String[]

Tableau String des émetteurs des certificats admis par le tiers distant.

Valeur renvoyée

X509Certificate utilisé pour établir une connexion SSL.

Exemples

L’exemple de code suivant illustre une implémentation de méthode pour ce délégué.

static X509Certificate^ SelectLocalCertificate(
        Object^ sender, 
        String^ targetHost, 
        X509CertificateCollection^ localCertificates, 
        X509Certificate^ remoteCertificate, 
        array<String^>^ acceptableIssuers
)
{	
    Console::WriteLine("Client is selecting a local certificate.");
    if (acceptableIssuers != nullptr && 
            acceptableIssuers->Length > 0 &&
            localCertificates != nullptr &&
            localCertificates->Count > 0)
    {
        // Use the first certificate that is from an acceptable issuer.
        IEnumerator^ myEnum1 = localCertificates->GetEnumerator();
        while ( myEnum1->MoveNext() )
        {
            X509Certificate^ certificate = safe_cast<X509Certificate^>(myEnum1->Current);
            String^ issuer = certificate->Issuer;
            if ( Array::IndexOf( acceptableIssuers, issuer ) != -1 )
                return certificate;
        }
    }
    if (localCertificates != nullptr &&
            localCertificates->Count > 0)
        return localCertificates[0];
            
    return nullptr;
 }
public static X509Certificate SelectLocalCertificate(
    object sender,
    string targetHost,
    X509CertificateCollection localCertificates,
    X509Certificate remoteCertificate,
    string[] acceptableIssuers)
{	
    Console.WriteLine("Client is selecting a local certificate.");
    if (acceptableIssuers != null &&
        acceptableIssuers.Length > 0 &&
        localCertificates != null &&
        localCertificates.Count > 0)
    {
        // Use the first certificate that is from an acceptable issuer.
        foreach (X509Certificate certificate in localCertificates)
        {
            string issuer = certificate.Issuer;
            if (Array.IndexOf(acceptableIssuers, issuer) != -1)
                return certificate;
        }
    }
    if (localCertificates != null &&
        localCertificates.Count > 0)
        return localCertificates[0];

    return null;
}

L’exemple de code suivant illustre la création d’un instance de ce délégué.

// Server name must match the host name and the name on the host's certificate. 
serverName = args[ 1 ];

// Create a TCP/IP client socket.
TcpClient^ client = gcnew TcpClient( serverName,5000 );
Console::WriteLine( L"Client connected." );

// Create an SSL stream that will close the client's stream.
SslStream^ sslStream = gcnew SslStream( 
    client->GetStream(),
    false,
    gcnew RemoteCertificateValidationCallback( ValidateServerCertificate ),
    gcnew LocalCertificateSelectionCallback( SelectLocalCertificate ) );
// Server name must match the host name and the name on the host's certificate.
serverName = args[0];
// Create a TCP/IP client socket.
TcpClient client = new TcpClient(serverName,5000);
Console.WriteLine("Client connected.");
// Create an SSL stream that will close the client's stream.
SslStream sslStream = new SslStream(
    client.GetStream(),
    false,
    new RemoteCertificateValidationCallback (ValidateServerCertificate),
    new LocalCertificateSelectionCallback(SelectLocalCertificate)
    );

Remarques

Ce délégué est utilisé pour construire des instances de la SslStream classe . La SslStream classe est utilisée pour sécuriser les informations échangées entre un client et un serveur. Le client et le serveur utilisent ce délégué pour sélectionner un certificat à utiliser pour l’authentification.

Méthodes d’extension

GetMethodInfo(Delegate)

Obtient un objet qui représente la méthode représentée par le délégué spécifié.

S’applique à

Voir aussi