WCF on IIS with SSL

Question

User-1015540584 posted

Hi,

I need some advice.

I have WCF hosted on IIS with SSL
I need to use a client certificate as optional - it is some sort of authorization level.
If the client provides the certificate then some  business functionalities will be available.
Client certificate will be stored in database.

I know there is X509CertifcateValidator. I don’t know how to implement it.

What is the correct approach to get client certificate as optional on IIS with SSL in WCF ?

Thanks in advance
Achot

 

 

Answer 1

User-1000095884 posted

Hi,

What is the correct approach to get client certificate as optional on IIS with SSL in WCF ?

WCF support configuring multiple endpoint for same service. If you want to provide different security restriction according to different client users, you can open different endpoints for the same service ( one endpoint with a binding set security mode to 'Transport' and clientCredentialType to 'None', another endpoint with a binding set security mode to 'Transport' and clientCredentialType to 'Certificate').

It needs install the certificate on the client machine if there need a certificate.

#How to: Create and Install Temporary Client Certificates in WCF During Development

http://msdn.microsoft.com/en-us/library/ff650751.aspx

I know there is X509CertifcateValidator. I don’t know how to implement it.

Reference on using a custom X509CertificateValidator

#How to use a custom X509CertificateValidator with an IIS hosted WCF service and self-signed client certificate

http://support.microsoft.com/kb/2480671

Best Regards.

Answer 2

User-1015540584 posted

Thanks for your help and time

Regards
Achot

Answer 3

User-1015540584 posted

Hi All,

It does not work for me.
I wonder if demo example can be provided for scenario where WCF hosted on IIS with SSL and client certificate is used.

Security mode should be Transport only
http://msdn.microsoft.com/en-us/library/ms731074.aspx

Thanks in advance

Achot