HighTechTalks DotNet Forums  

RE: Securing self-hosted WCF Service with X509 certificate

Go Back HighTechTalks DotNet Forums Dotnet Dotnet Distributed Applications RE: Securing self-hosted WCF Service with X509 certificate

Dotnet Distributed Applications microsoft.public.dotnet.distributed_apps


Discuss RE: Securing self-hosted WCF Service with X509 certificate in the Dotnet Distributed Applications forum.



Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old   
Kinslayeruy
 
Posts: n/a

Default RE: Securing self-hosted WCF Service with X509 certificate - 06-25-2009 , 12:34 PM





You can look at http://www.codeproject.com/KB/WCF/WCFSSL.aspx for a simple
setup, tho you cant have the same certificate for every server unless they
all have the same dns name.
Ej:
Server 1 = www.server.com:81 and Server 2 = www.server.com:82 will work
becouse you can get a certificate for "server" but any 2 dns names that
differ will require different certificates

Also, you'll need a certificate your clients (users) can trust, i mean a
certificate that is issued by a trusted certificate authority. you can check
your default trusted certificates (should be the same ones on every machine)
by using the Certificate Management Console (the article describes how to
open it). you can buy one on any of the main trust certificate authorities
(verisign for example) tho they are not cheap...

good luck,
Juan

"MarkusStrobl" wrote:

Quote:
Hi!

I developed a file transfer service using WCF. This service is using net.tcp
binding and is self hosted in a windows service.

In order to encrypt the messages transfered between the client and the
server, i decided to use X509-certificates.

My goal would be the following:

Clients have the public key of the server installed in the windows
certificate store.
The server has its own private key installed.
When clients send messages to the server, a check is performed, if the data
is sent to a server with the same public key as the one installed on the
client-machine.
The server should not perform any checks. Every client is welcome.
We want to use the same certificate for every server, so the server-name
should not be checked either.

In the internet i only found samples using mutual authentication with
certificates so i got stuck now on this issue.

Any help would be greatly appreciated!

Thanks a lot in advance.

Markus

Reply With Quote
  #2  
Old   
MarkusStrobl
 
Posts: n/a

Default RE: Securing self-hosted WCF Service with X509 certificate - 07-07-2009 , 06:16 AM





Thanks a lot for your help, Juan!

The link you pointed me to helped me to in my unterstanding of how https
works and now i got a solution using wcf / https / basichttpbinding running.

I was only wondering about one thing:

When i tried to use the same approach but with net.tcp binding i'm failing.
The service throws the following exception:

System.InvalidOperationException: The service certificate is not provided.
Specify a service certificate in ServiceCredentials.

So is this only possible with https?

Thanks a lot for your reply!

Best Wishes
Markus

Reply With Quote
Reply

« Previous Thread | Next Thread »



Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Powered by vBulletin Version 3.5.4
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.


Contact Us - HighTechTalks DotNet Forums - Archive - Top