Deepak Agarwal

Reputation: 468

Client side <serviceCertificate> and <identity> elements

MSDN for <serviceCertificate> says this

This configuration element specifies the settings used by the client to validate the certificate presented by the service using SSL authentication.

MSDN for <identity> says this

In the handshake process between the client and service, the Windows Communication Foundation (WCF) infrastructure will ensure that the identity of the expected service matches the values of this element, and thus can be authenticated.

As I understand, both these elements are used to authenticate service to the client.

Question: Could someone please elaborate and let me know the difference?

Thanks!

Upvotes: 0

Views: 89

Answers (1)

The other other Alan

Reputation: 1918

These are quite different.

  • As its name implies, the <identity> element is used by the client to identify a service, answering the question "Who are you?" It contains many child elements that can be used for this purpose - as there are many ways of identifying a service: certificate, SPN, UPN, etc.
  • <serviceCertificate> specifies an actual X.509 certificate used to authenticate a client or service, helping to answer the question "How can I be sure you are who you say you are?"

Upvotes: 2
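
How the two elements sit side by side in a client configuration, as an added example that is not part of the original answer or of the MSDN pages quoted above. The address, contract, and configuration names are hypothetical placeholders, and the binding is assumed to use message security so that the service authenticates with an X.509 certificate.

```xml
<!-- Added example. Address, contract and name values are hypothetical. -->
<configuration>
  <system.serviceModel>
    <client>
      <endpoint address="http://service.example.com/Orders.svc"
                binding="wsHttpBinding"
                bindingConfiguration="messageSecurity"
                behaviorConfiguration="validateServiceCert"
                contract="Example.IOrderService">
        <!-- identity: WHO the client expects to reach. The value is compared
             with the identity claim in the credential the service presents.
             Other child elements exist for other credential types, for
             example servicePrincipalName and userPrincipalName. -->
        <identity>
          <dns value="service.example.com" />
        </identity>
      </endpoint>
    </client>
    <bindings>
      <wsHttpBinding>
        <binding name="messageSecurity">
          <security mode="Message">
            <message clientCredentialType="UserName" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <behaviors>
      <endpointBehaviors>
        <behavior name="validateServiceCert">
          <clientCredentials>
            <!-- serviceCertificate: HOW the certificate presented by the
                 service is validated before it is trusted. -->
            <serviceCertificate>
              <!-- Weak setting to avoid: certificateValidationMode="None"
                   accepts any certificate, including self-issued ones.
                   ChainTrust requires a chain to a trusted root, and
                   revocationMode="Online" also checks revocation. -->
              <authentication certificateValidationMode="ChainTrust"
                              revocationMode="Online" />
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>
```

The two checks are independent: a certificate can chain to a trusted root and still be rejected because its subject does not match the `<identity>` value, and the reverse.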
