Reputation: 1210
WCF Client Certificate Authentication
We have a typical client-server WCF service and I would like the following:
- Client passes a certificate to the Server through the ClientCredentials property
- Server looks at the certificate and see's that it has been issued by our trusted certificate authority
- The client is rejected if they use a certificate that is not issued by our CA.
The client has a clientAuthentication certificate installed, along with our trusted CA. The server has our trusted CA certificate installed. I dont want to install any other certificates.
I am flexible on the binding, however it does need to work in a web scenerio.
I thought about using BasicHttpBinding with TransportCredentialOnly, however it doesnt support certificates :(.
Ive tried using wsHttpBinding in Message mode, however that requires a ServerCertificate to perform server authentication and message encryption... which I dont want!
Is there any built-in way to achieve this?
Upvotes: 2
Views: 2004
Answers (1)
Reputation: 364409
All build in bindings allow using client certificates only when server certificate is used - mutal certificate authentication and security. To support your scenario you will have to handle it completely yourselves. If you want to inject your authentication mechanism to WCF you will have to do custom token and custom credentials.
Upvotes: 2
Related Questions
- Certificate based authentication in WCF
- Using client certificates for authentication
- Wcf with certificate as ClientCredentials
- C# WCF communication with client certificate
- WCF service certificate authentication
- Client certificate authentication WCF
- How do I implement Client Certificate authentication the right way?
- WCF client with Client Certificate and Basic Authentication
- WCF - Authenticate the client with Message Security using Certificates
- Client certificates in wcf