Modifying the ICertificatePolicy interface

The ICertificatePolicy interface is used to validate security certificates in a .NET application.

Because you can use the Endeca-generated certificates on different servers, the host name of the server cannot be validated. This can result in warning or error messages.

You can modify this policy to bypass the error conditions and point to your custom implementation. To do so, implement the ICertificatePolicy interface with a your custom policy, and then set the SecurityPointManager.CertificatePolicy to point to it.

The following example demonstrates such an override:

class ExampleDotNetSetup
  {
    /// <summary>
    /// The main entry point for the application.
    /// </summary>
    [STAThread]
    static void Main(string[] args)
    {
      try 
      {
        // Set the certificate policy if you are using endeca certs 
        // to ignore hostname matching
        ServicePointManager.CertificatePolicy = new MyCertificateValidation();
        // Create service stubs change url to be https://eachost:eacsslport
        // and invoke services...
        Console.Out.WriteLine("It worked");
      }
      catch (Exception e)
      {
        Console.Out.WriteLine(e);
      }
    }
}

For more information, contact Endeca Professional Services, or see the Microsoft Developer’s Network (MSDN) documentation on ICertificatePolicy, which is located here:

http://msdn.microsoft.com/library/default.asp?url=/library/
en-us/cpref/html/frlrfsystemneticertificatepolicyclasstopic.asp