Tags: wcf, soaphttpclientprotocol, certificate-revocation

How to turn off certificate revocation for a WCF service's client?


How can I turn off certificate revocation for a WCF service's client? The client proxy was generated by wsdl.exe and inherits SoapHttpClientProtocol.


Solution

  • I think you're looking for ServicePointManager.ServerCertificateValidationCallback:

    http://msdn.microsoft.com/en-gb/library/system.net.servicepointmanager.servercertificatevalidationcallback.aspx

    Which takes a RemoteCertificateValidationCallback Delegate:

    http://msdn.microsoft.com/en-gb/library/system.net.security.remotecertificatevalidationcallback.aspx

    I've never dealt with a revoked certificate before (I have had to handle other issues such as expired SSLs), but I'm guessing you'd just do something like:

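    using System.Net;
    using System.Net.Security;
    using System.Security.Cryptography.X509Certificates;

    class Program
    {
        static void Main(string[] args)
        {
            // Process-wide hook: applies to every HTTPS request in this AppDomain.
            ServicePointManager.ServerCertificateValidationCallback +=
                new RemoteCertificateValidationCallback(ValidateCertificate);

            // Do WCF calls...
        }

        public static bool ValidateCertificate(object sender, X509Certificate cert,
                                  X509Chain chain, SslPolicyErrors sslPolicyErrors)
        {
            // A certificate that passed normal validation is accepted as usual.
            if(sslPolicyErrors == SslPolicyErrors.None)
            {
                return true;
            }

            if(sslPolicyErrors == SslPolicyErrors.RemoteCertificateChainErrors)
            {
                bool revoked = false;

                foreach(X509ChainStatus chainStatus in chain.ChainStatus)
                {
                    // Any chain problem other than revocation (untrusted root,
                    // expired, ...) still rejects the certificate.
                    if(chainStatus.Status != X509ChainStatusFlags.Revoked)
                    {
                        return false;
                    }

                    revoked = true;
                }

                // Revocation was the only chain error reported.
                if(revoked)
                {
                    return true;
                }
            }

            /*
             WARNING!

             You should perform other cert validation checks here and not blindly
             override your cert validation by returning true.

             Otherwise the secure channel between your client and service
             may not be secure.

            */

            return false;
        }
    }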
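
Added example, not part of the original answer: a variant that scopes the override to a single proxy instead of the process-wide `ServicePointManager` hook, and rebuilds the chain with revocation checking switched off so that trust, expiry and host-name checks still apply. `MyServiceProxy` and `RevocationTolerantValidator` are hypothetical names (the former stands in for the wsdl.exe-generated partial class); the code assumes .NET Framework 4.6 or later and a reference to System.Web.Services.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Web.Services.Protocols;

// Hypothetical proxy name. wsdl.exe emits partial classes, so this file
// extends the generated proxy without editing generated code.
public partial class MyServiceProxy : SoapHttpClientProtocol
{
    protected override WebRequest GetWebRequest(Uri uri)
    {
        WebRequest request = base.GetWebRequest(uri);
        HttpWebRequest http = request as HttpWebRequest;
        if (http != null)
        {
            // Per-request callback: other HTTPS traffic in the process
            // keeps the default validation.
            http.ServerCertificateValidationCallback = RevocationTolerantValidator.Validate;
        }
        return request;
    }
}

public static class RevocationTolerantValidator
{
    public static bool Validate(object sender, X509Certificate cert,
                                X509Chain chain, SslPolicyErrors errors)
    {
        if (errors == SslPolicyErrors.None) return true;

        // Name mismatch or a missing certificate is never tolerated.
        if (errors != SslPolicyErrors.RemoteCertificateChainErrors || cert == null) return false;

        using (X509Chain recheck = new X509Chain())
        {
            // Only revocation is skipped; trust anchors and validity dates are still checked.
            recheck.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
            // Require the TLS server authentication EKU.
            recheck.ChainPolicy.ApplicationPolicy.Add(new Oid("1.3.6.1.5.5.7.3.1"));
            // Reuse the intermediates the server presented.
            foreach (X509ChainElement element in chain.ChainElements)
                recheck.ChainPolicy.ExtraStore.Add(element.Certificate);

            return recheck.Build(new X509Certificate2(cert));
        }
    }
}
```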