Reputation: 774
Configure Transport Level Security over tcp in a cross domain environment
I'm trying to implement transport level security for WCF services.
My application architecture is as follows:
WCF service is hosted as windows service in domainA.
Client is a WinForms application in DomainB.
Since it's a cross domain scenario, I have to use certificates for authenticating client and service so they can establish a secure connection.
My understanding is I need 3 certificates to achieve this:
- Service certificate - authenticates the service to the client.
Should be installed in Local Machine --> Trusted Root Certificates store on a service machine. - Certificate authority - a certificate that can be used to issue user specific certificates. Where should this one be installed? Service or client machine?
- User certificate.
Should be installed in Current User --> Trusted Root Certificate on a client machine.
I couldn't find any examples on the web that use certifcate authentication over tcp protocol.
I could only find https examples with services hosted in IIS.
Any reference to a tcp scenario is greatly appreciated.
Are my assumptions correct?
Where should I install the Certificate Authority certificate (item 2)?
Are there other, easier approaches besides using certificates to accomplish transport level security over tcp in a cross domain environments?
Thank you in advance.
Upvotes: 1
Views: 31
Answers (0)
Related Questions
- Using X509Certificates to secure WCF services
- WCF transport security and https
- WCF security cross domain
- Wcf transport security
- Custom X509CertificateValidator with BasicHttpSecurityMode.Transport?
- Transport Security with Certificate Authentication
- Transport security in WCF
- WCF transport security configuration question
- WCF Transport Security
- WCF Transport Security