Comments on: Using Certificate-based Authentication and Protection with Windows Communication Foundation (WCF)

By: Kelsey

Kelsey — Wed, 28 May 2008 18:05:41 +0000

Nice example, much appreciated!

I had my service hosted under IIS, and I found I had to do the following, in order for the ASPNET user to see my Serverside certificate:

winhttpcertcfg -g -c LOCAL_MACHINE\My -s ServerSide -a ASPNET

You can download the winhttpcertcfg from Microsoft.

By: Niti

Niti — Thu, 01 May 2008 18:21:50 +0000

How do we know all of this actually doing anything? Did you actually inspect the SOAP message. Also, what exactly is this achieving. Are you encrypting, signing or authenticating?

By: Anderson

Anderson — Tue, 29 Apr 2008 23:12:57 +0000

How can you check on the server side for a particular client certificate, say we need to check not only that a certificate is authentic, but that that specific certificate has been approved for use (ie in a DB “user” table)?

By: Wolf

Wolf — Tue, 22 Apr 2008 09:27:28 +0000

I have used this code for a sample web application, without writing web.config… and it work fine.
In this manner you can write only server side configuration part.

localhost.Service1Client Sample = new localhost.Service1Client(); Sample.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubjectName, "ClientSide"); Sample.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.PeerTrust;

Response.Write(Sample.MyOperation1("sample value"));

By: Brett

Brett — Mon, 31 Mar 2008 20:26:57 +0000

Good article. I notice there is no mention of adding windows security access to the created certificate’s private key for the process running this code. Is this necessary? I cannot get this to work on my machine without this step.

By: Harendra

Harendra — Thu, 07 Feb 2008 06:31:54 +0000

This is an excellent article on the use of certificate. I have been through few good books (WCF Programming, Learning WCF, PRO WCF, WCF Unleashed) and few other sites but your article is simplest and most effective one to get basics right. Well done might.

I may produce few on future as I move forward, in particular on using ‘SQLMmevership’ provider for authentication/authorization.

By: Mitch Denny

Mitch Denny — Wed, 14 Nov 2007 20:39:47 +0000

Hi Ron,

Unfortunately I don’t have any samples in my back pocket for this. You’ll probably need to implement your own UserNameTokenManager though.

By: Ron

Ron — Thu, 08 Nov 2007 13:11:45 +0000

Mitch,

I’m struggling with trying to use the SQLMembershipProvider for authorization/authentication in WCF over TCP (not HTTP). Documentation is sparse on this and what little there is does not work. Do you have any (complete) samples on this?

Thanks,
Ron

By: Securing a WCF service with Certificates « The Wandering Glitch 2

Securing a WCF service with Certificates « The Wandering Glitch 2 — Wed, 31 Oct 2007 05:03:45 +0000

[...] and what settings are required to work with the certificates. Thanks to Mitch Denny, who wrote a very good post on the use of certificates, which helped a lot more than some of the official documentation. This [...]

By: Mitch Denny

Mitch Denny — Sat, 22 Sep 2007 06:58:58 +0000

Hi Peter,

Sounds like something environmental - how are you identifying the certificate in the configuration file?