Reputation: 9709
WCF Service that identifies client by certificate
we've got a WCF Service using BasicHttpBinding with server- and client-certificates. We are using Transport security:
<security mode="Transport">
<transport clientCredentialType="Certificate" />
</security>
So far everything works (client calls a webmethod and is only allowed to, if the client certificate is issued by the trusted CA).
Now we want to check in the WCF service, if the client certificate is a specific certificate. The certificate we are looking for is known (installed on) the server, too.
How do we get the used client certificate in the service code? How do we load the certificate we want to compare to? How do we compare?
Upvotes: 4
Views: 771
Answers (1)
Reputation: 12680
Haven't actually tried this myself but the technique shown in this MSDN article seems to be what you're looking for. It explains how to create a custom certificate validator, (didn't know this was possible).
Upvotes: 4
Related Questions
- Certificate based authentication in WCF
- Using client certificates for authentication
- Wcf with certificate as ClientCredentials
- WCF service certificate authentication
- WCF service reference with certificate authentication
- WCF uniquely identify clients with certificates issue
- WCF Certificate Authentication with Service Only (No Client Cert)
- WCF Service on Client Side - SSL Certificate
- WCF Client Certificate Authentication
- Client certificates in wcf