
Does WCF do CRL/OCSP certificate checking?


We are working on a payment processing application and want to make sure we are doing CRL/OCSP checks when establishing secure connections (we will be initiating a TLS 1.1 session with a server). I would think that .NET would do this for us, but I'm not able to find any information in this regard.

  1. Does .NET do this auto-magically?
  2. Are there any settings to control how it works?
  3. Please provide links to documentation that I cannot seem to find.
  4. If it does not do this for us, is there a 'best-practice' method for performing the checks, such as the X509Certificate2.Verify Method?

Thank you!


Solution

  1. Yes, by default the WCF client does check the server certificate to determine if it is valid for the requested usage and is not revoked.
  2. Yes, you can control certificate validation behavior. These threads discuss the subject:

     One: WCF, REST, SSL, Client, custom certificate validation

     Two: Custom WCF client certificate over ssl validation
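
An added example, not part of the original answer: one way to set the revocation behavior explicitly in a WCF client, for transport security (HTTPS) and for message security, so that an unreachable CRL/OCSP responder fails the connection. The class and method names and the 15-second timeout are hypothetical, and it assumes .NET Framework 4.6 or later.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;

// Hypothetical helper class; names and the timeout value are assumptions.
static class RevocationSettings
{
    // Transport security (HTTPS): enable revocation checks in the TLS stack
    public static void ConfigureTransport()
    {
        ServicePointManager.CheckCertificateRevocationList = true;
        ServicePointManager.ServerCertificateValidationCallback = ValidateServer;
    }

    static bool ValidateServer(object sender, X509Certificate cert,
                               X509Chain chain, SslPolicyErrors errors)
    {
        if (errors != SslPolicyErrors.None || cert == null || chain == null)
            return false; // name mismatch, untrusted chain, or no certificate

        using (var strict = new X509Chain())
        {
            strict.ChainPolicy.RevocationMode = X509RevocationMode.Online;
            strict.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
            strict.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag;
            strict.ChainPolicy.UrlRetrievalTimeout = TimeSpan.FromSeconds(15);
            // Reuse the intermediates from the chain the TLS stack already built.
            foreach (X509ChainElement e in chain.ChainElements)
                strict.ChainPolicy.ExtraStore.Add(e.Certificate);

            // With NoFlag, Build() returns false when a certificate is revoked
            // or its revocation status is unknown (CRL/OCSP unreachable).
            return strict.Build(new X509Certificate2(cert));
        }
    }

    // Message security: WCF validates the service certificate itself.
    public static void ConfigureMessage<T>(ClientBase<T> client) where T : class
    {
        var auth = client.ClientCredentials.ServiceCertificate.Authentication;
        auth.CertificateValidationMode = X509CertificateValidationMode.ChainTrust;
        auth.RevocationMode = X509RevocationMode.Online;
    }
}
```

The ServicePointManager settings are process-wide, so they apply to every HTTPS connection the process makes through that stack, not only to the WCF client.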