none
Production Certificate WCF RRS feed

  • Question

  • Hi,

    I'm driving myself mad here and need a bit of help. There seem to be plenty of resources out there for installing temporary certificates in a dev environment but not a lot (findable) that deal with production and issued certs.

    Basically I have

    • a WCF Service hosted using a Windows Service.
    • a set of certificates given to me which were bought for our companies production systems, they comprise of AddTrustExternalCARoot.crt, ASCERTUS.COM.crt (our company) and NetworkSolutionsDVServerCA.crt (issuing authority)

    I've installed the ascertus.com certificate onto my dev machine (LocalMachine certs), and dragged it into Trusted Publishers (it originally installed to Other People)

    On opening the certificate 

    Thursday, October 9, 2014 12:32 PM

Answers

  • Hi,

    Usually the production certificates/purchase certificates will be handled by IT department as they involve private key which need to be secured may be that is the reason you may not find much documentation.

    1. All the file names you list above are .crt files that means they just contain public part of the certificate they are not just sufficient to make SSL Handshake. 

    2. Certificates with private keys usually has .p12 or pfx extension and protected with a password.

    3. In order to install the certificates I would say you manually install the certificate to the required store\folder rather just double clicking. This way it would always install to the current user store. If you copy past or drag only the public part gets copied. The private will never get copied. Due to this TLS or SSL will never succeed. 

    4. I use MMC, Goto LocalMachine and corresponding folder then Import. In the import dialog choose the file. Enter the password.

    5. Then configure the subject details in WCF config. (This you know as you might've done in your dev environment)

    Get back to us if you face any problems.

    /Srinivas

    Friday, October 10, 2014 6:54 AM

All replies

  • pls try:
    How to: Create and Install Temporary Certificates in WCF for Transport Security During Development
    http://msdn.microsoft.com/en-us/library/ff648498.aspx
    Friday, October 10, 2014 5:51 AM
  • Hi,

    Usually the production certificates/purchase certificates will be handled by IT department as they involve private key which need to be secured may be that is the reason you may not find much documentation.

    1. All the file names you list above are .crt files that means they just contain public part of the certificate they are not just sufficient to make SSL Handshake. 

    2. Certificates with private keys usually has .p12 or pfx extension and protected with a password.

    3. In order to install the certificates I would say you manually install the certificate to the required store\folder rather just double clicking. This way it would always install to the current user store. If you copy past or drag only the public part gets copied. The private will never get copied. Due to this TLS or SSL will never succeed. 

    4. I use MMC, Goto LocalMachine and corresponding folder then Import. In the import dialog choose the file. Enter the password.

    5. Then configure the subject details in WCF config. (This you know as you might've done in your dev environment)

    Get back to us if you face any problems.

    /Srinivas

    Friday, October 10, 2014 6:54 AM