none
WCF service certificate authentication RRS feed

  • Question

  • when wcf service will use certificate then how the client will send certificate to wcf service which will consume wcf service. this idea is not clear to me that when wcf client will call wcf service first time then how client will send certificate to service? please discuss how people work with wcf & certificate.

    also guide me briefly that what are the step we need to do to attach certificate with our wcf service?

    how wcf client end can send certificate to wcf service when they make a call?

    do we need at all anything to configure for certificate at wcf client end?

    please discuss. thanks

    Monday, March 31, 2014 1:57 PM

Answers

All replies

  • Hi,

    When use the certificate authentication in the wcf, then in the serive side and client side, you will need to install the service certificate and the client certificate. Then in the client side, the client will use the service public key to encrypt the message and send to the service, then the service will use the service private key to decrypt the message. And in the service side, it will use the the client public key to encrypt the message and send to the client. Then the client will use the client private key to decrypt the message.

    For more information, please try to refer to:
    #An easy way to use certificates for WCF security:
    http://www.codeproject.com/Articles/18601/An-easy-way-to-use-certificates-for-WCF-security .

    #How to: Use Certificate Authentication and Message Security in WCF:
    http://msdn.microsoft.com/en-us/library/ff648360.aspx .

    #How to: Use Certificate Authentication and Transport Security in WCF:
    http://msdn.microsoft.com/en-us/library/ff650785.aspx .

    Best Regards,
    Amy Peng



    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.


    Tuesday, April 1, 2014 7:19 AM
    Moderator
  • you said i need to install certificate at both end in case of certificate authentication. so when we design a wcf service and any body can consume this service then how is it possible for me to install certificate at client side because we may not know who can be client.

    if it is mandatory in case certificate authentication that we need to install certificate at both end then we hardly can use certificate authentication for any wcf service. i guess certificate authentication can used only when we can access client or may the service will be used in our own domain or organization.

    looking for further guidance. thanks

    Tuesday, April 1, 2014 9:05 AM
  • i heard that it is not mandatory to install certificate at client end. when there will be mutual authentication then only client also need to install certificate.

    can u tell me that where private key of cert file is stored because i came to know that only public key is stored inside cert file........so automatically i like to know where private key of cert file is stored ?

    thanks

    Wednesday, April 2, 2014 1:57 PM
  • i heard that it is not mandatory to install certificate at client end. when there will be mutual authentication then only client also need to install certificate.

    can u tell me that where private key of cert file is stored because i came to know that only public key is stored inside cert file........so automatically i like to know where private key of cert file is stored ?

    thanks

    Hi,

    Please try to check this article, it should help you:
    #Mutual authentication certificate with WCF:
    http://blogs.msdn.com/b/mcsuksoldev/archive/2011/12/14/mutual-authentication-with-a-iis-hosted-wcf-data-service-installed-in-a-workgroup-environment.aspx .

    And using this tool you can find the created private key:
    #FindPrivateKey:
    http://msdn.microsoft.com/en-us/library/aa717039.aspx.

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.



    Thursday, April 3, 2014 5:41 AM
    Moderator