An application can set the ServicePointManager.ServerCertificateValidationCallback property to a method to use for custom validation by the client of the server certificate. When doing custom validation, the sender parameter passed to the System.Net.Security.RemoteCertificateValidationCallback can be a host string name or an object derived from System.Net.WebRequest (System.Net.HttpWebRequest, for example) depending on the ServicePointManager.CertificatePolicy property.

When custom validation is not used, the certificate name is compared with host name used to create the request. For example, if WebRequest.Create(string) was passed a parameter of "https://www.contoso.com/default.hmtl", the default behavior is for the client to check the certificate against www.contoso.com.