none
How best to manage SSL in client-server product RRS feed

  • Question

  • I've developed an application that I sell to customers consisting of a Silverlight client that talks to WCF services on an IIS7 server.  The service calls need to be made over SSL.  What is the best way to the SSL  certificates with every server I ship out?  I'm not looking for IT help with physical certificate deployment so much as development strategies.  Is it possible/recommended to use self-signed certificates (seems reasonable since I have a known client base), or use a third-party certificate from Thawte (maybe easier given builtin trust, but more expensive and I'm worried about renewal management across all customer sites).  I could just leave mngt of the certificate to the customer, but sooner or later my app will fail if the certificates aren't managed properly. 

    Thoughts?

    Mark



    • Edited by MarkAArnold Monday, October 3, 2011 6:37 PM
    Monday, October 3, 2011 6:35 PM