Custom certificate validation in WCF service

Question

I want to check client certificates in my WCF service.

My goal is to allow only clients with certificates with specific thumbprints to be able to communicate with my

Answer 1

You can create a class derived from X509CertificateValidator and use it to do custom validation of the incoming certificate. Throw an SecurityTokenValidationException if you want to fail validation for some reason.

Set the certificateValidationMode to Custom and specify your validator in the clientCertificate service behavior section of the config file.

How to: Create a Service that Employs a Custom Certificate Validator