locked
How to enable SSL & Certificate in case WCF TCP binding RRS feed

  • Question

  • User88744855 posted

    any one can guide me how to enable SSL & Certificate in case WCF TCP binding. any idea.

    var baseAddress = "localhost";
    var factory = new DuplexChannelFactory<IMyWCFService>(new InstanceContext(SiteServer.Instance));
    factory.Endpoint.Address = new EndpointAddress("net.tcp://{0}:8000/".Fmt(baseAddress));
    var binding = new NetTcpBinding(SecurityMode.Message);
    binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
    factory.Endpoint.Binding = binding;
    var u = factory.Credentials.UserName;
    u.UserName = userName;
    u.Password = password;
    return factory.CreateChannel();

    thanks

    Tuesday, April 1, 2014 10:22 AM

Answers

  • User-417640953 posted

    Hi,

    Thanks for the post.

    For your issue, you can refer to below code.

    NetTcpBinding b = new NetTcpBinding(SecurityMode.TransportWithMessageCredential);
    b.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;
    Uri netTcpAdddress = new Uri("net.tcp://baseAddress");
    ServiceHost sh = new ServiceHost(typeof(Calculator), netTcpAdddress);
    sh.Credentials.ServiceCertificate.SetCertificate(
        StoreLocation.LocalMachine, StoreName.My,
        X509FindType.FindByIssuerName, "Contoso.com");
    sh.AddServiceEndpoint(typeof(ICalculator), b, "TcpCalculator");
    sh.Open();
    

    For more information, please check below article.

    http://msdn.microsoft.com/en-us/library/ms789011.aspx

    Thanks.

    Best Regards!

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, April 2, 2014 3:16 AM
  • User-417640953 posted

    the where wcf service will run there could be many certificate may exist. how to mention which certificate i need to attach?
    my question is how to programmatically specify or identify a specific certificate because a user may create many certificate so how do i differentiate two certificate by code.

    Hi,

    As we known, there is a specific area in our computer used to store certificates.

    sh.Credentials.ServiceCertificate.SetCertificate(
    

    Above SetCertificate method can contains four parameters, that specifies the certificate to use for representing the service by specifying

    the subject distinguished name, the certificate store name and store location.

    SetCertificate(StoreLocation, StoreName, X509FindType, Object)

    X509FindType is enum, that contains many values such as FindBySubjectName, FindByIssuerName, FindByThumbprint and so on.

    http://msdn.microsoft.com/zh-cn/library/system.security.cryptography.x509certificates.x509findtype(v=vs.110).aspx

    When WCF search the a certificate, it will according to loaction (StoreLocation, StoreName) and key value (X509FindType, Object).

    Well, you think them like that, StoreLocation as machine, StoreName as folder, X509FindType as certificate Identity, Object is the value of certificate Identity.

    Thanks.

    Best Regards!

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, April 3, 2014 9:44 PM

All replies

  • User-417640953 posted

    Hi,

    Thanks for the post.

    For your issue, you can refer to below code.

    NetTcpBinding b = new NetTcpBinding(SecurityMode.TransportWithMessageCredential);
    b.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;
    Uri netTcpAdddress = new Uri("net.tcp://baseAddress");
    ServiceHost sh = new ServiceHost(typeof(Calculator), netTcpAdddress);
    sh.Credentials.ServiceCertificate.SetCertificate(
        StoreLocation.LocalMachine, StoreName.My,
        X509FindType.FindByIssuerName, "Contoso.com");
    sh.AddServiceEndpoint(typeof(ICalculator), b, "TcpCalculator");
    sh.Open();
    

    For more information, please check below article.

    http://msdn.microsoft.com/en-us/library/ms789011.aspx

    Thanks.

    Best Regards!

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, April 2, 2014 3:16 AM
  • User88744855 posted

    thanks for your code.

    u show how to attach certificate by code like this way

    sh.Credentials.ServiceCertificate.SetCertificate(
        StoreLocation.LocalMachine, StoreName.My,
        X509FindType.FindByIssuerName, "Contoso.com");

    the where wcf service will run there could be many certificate may exist. how to mention which certificate i need to attach?

    what is the meaning of StoreLocation.LocalMachine ? does it mean localhost ?

    what is the meaning of StoreName.My ?

    what is My ? is it any folder name if yes then what is the full path of this folder.

    what is X509FindType.FindByIssuerName ?

    what does it means because a single user may create or have many certificate. so how do i point to a specific certificate ?

    i can create many certificate with same name like "Contoso.com"

    my question is how to programmatically specify or identify a specific certificate because a user may create many certificate so how do i differentiate two certificate by code.

    thanks

    Thursday, April 3, 2014 4:47 AM
  • User-417640953 posted

    the where wcf service will run there could be many certificate may exist. how to mention which certificate i need to attach?
    my question is how to programmatically specify or identify a specific certificate because a user may create many certificate so how do i differentiate two certificate by code.

    Hi,

    As we known, there is a specific area in our computer used to store certificates.

    sh.Credentials.ServiceCertificate.SetCertificate(
    

    Above SetCertificate method can contains four parameters, that specifies the certificate to use for representing the service by specifying

    the subject distinguished name, the certificate store name and store location.

    SetCertificate(StoreLocation, StoreName, X509FindType, Object)

    X509FindType is enum, that contains many values such as FindBySubjectName, FindByIssuerName, FindByThumbprint and so on.

    http://msdn.microsoft.com/zh-cn/library/system.security.cryptography.x509certificates.x509findtype(v=vs.110).aspx

    When WCF search the a certificate, it will according to loaction (StoreLocation, StoreName) and key value (X509FindType, Object).

    Well, you think them like that, StoreLocation as machine, StoreName as folder, X509FindType as certificate Identity, Object is the value of certificate Identity.

    Thanks.

    Best Regards!

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, April 3, 2014 9:44 PM