ThingWorx Edge .NET SDK Reference > .NET SDK ClientConfigurator: Client/Server Certificate Validation
.NET SDK ClientConfigurator: Client/Server Certificate Validation
The ClientConfigurator class contains settings that enable/disable various levels of Certificate validation. Both Client and Server certificates can be configured for validation. Additionally, specific X.509 fields can be configured for validation. Alternatively, certificate validation can be disabled altogether. Disabling is NOT RECOMMENDED, especially in a production environment.
* 
Version 5.8.3 of the .NET SDK includes the OpenSSL v.1.1.1j library, which does NOT support FIPS mode. If you require FIPS mode with the .NET SDK, you need to obtain an older version of OpenSSL that supports FIPS mode (NOT recommended). In addition, all older versions of OpenSSL have been removed from the SDK. As of version 5.8.0, the axTLS library is no longer provided with the .NET SDK.
By default the SDK is set up to ensure the most secure connection possible. Many settings are available to modify the default behavior and may provide some level of convenience during development, such as allowing self-signed certificates. However, using the most secure settings possible for production is STRONGLY recommended. The next two sections explain how to set up properties for server certificate validation at the edge and for client certificate validation. For information about security and setting up SSL/TLS certificates, refer to the section, Security for ThingWorx Edge SDK Applilcations.
The next several sections provide more detail about certificates and validation for the .NET SDK:
Was this helpful?