I want to use SSL using security mode = transport.

Can I use it with the following settings in my web config?

<bindings>
    <wsHttpBinding>
        <binding name="wsHttpEndpointBinding">
           <security mode="Transport">
              <transport clientCredentialType="Windows" />
           </security>
        </binding>
    </wsHttpBinding>
</bindings>

I am installing a root certificate on the server side and a temp certificate on the client side. Should this work with the current web settings?

+1  A: 

Yes, if that's what you want to do:

  • you'll have SSL-enabled HTTPS transport
  • you're using the wsHttp binding
  • your users will be authenticated against the Windows domain (Active Directory)

This requires that your client and server are in the same common Windows domain, or at least in two Windows domains that are in a mutual trust relationship with one another (so that the service can authenticate the calling user against Active Directory).

This will not support anonymous callers, or callers from outside your Windows domain.

The question is: if it's really within your Windows domain and thus behind your corporate firewall, why are you using wsHttpBinding? NetTcpBinding would be much faster and more efficient in this scenario....

Marc

marc_s
Thanks Marc, just a last question. To enable SSL support I am creating a root certificate that is deployed on the server Trusted domain and a temp certificate that is deployed on the client machine. Is that the right approach?
Ashish Ashu
@Ashish: I must admit, I'm not intimately familiar with the details of how to set up SSL on client and server, quite honestly.
marc_s
This is an intranet scenario and the client and service are in the same domain.
Ashish Ashu
No issues Marc. I just want to verify that using <transport clientCredentialType="Windows" /> I can use the SSL-enabled approach (certificates).
Ashish Ashu
@Ashish: yes, the securityMode=transport requires some type of transport-level security, which is typically handled by using SSL.
marc_s
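
The binding from the question wired into matching service and client endpoints, as an added example that is not part of the original question or answer. The service, contract and host names (Example.OrderService, Example.IOrderService, server.corp.example) are hypothetical placeholders. It assumes IIS hosting with an HTTPS site binding whose server certificate chains to a root the client machine trusts; with clientCredentialType="Windows" the caller is identified by Windows authentication, and a client certificate would only come into play with clientCredentialType="Certificate".

```xml
<!-- Added example. All service, contract and host names are hypothetical. -->

<!-- Service side: web.config -->
<system.serviceModel>
  <bindings>
    <wsHttpBinding>
      <binding name="wsHttpEndpointBinding">
        <!-- Transport = HTTPS protects the channel; no message-level security -->
        <security mode="Transport">
          <!-- Caller is authenticated by Windows (Negotiate/NTLM) over HTTPS -->
          <transport clientCredentialType="Windows" />
        </security>
      </binding>
    </wsHttpBinding>
  </bindings>
  <services>
    <service name="Example.OrderService">
      <!-- Relative address: resolves against the https:// base address that
           IIS supplies. An http:// address fails at service activation,
           because Transport mode requires the https scheme. -->
      <endpoint address=""
                binding="wsHttpBinding"
                bindingConfiguration="wsHttpEndpointBinding"
                contract="Example.IOrderService" />
    </service>
  </services>
</system.serviceModel>

<!-- Client side: app.config -->
<system.serviceModel>
  <bindings>
    <wsHttpBinding>
      <!-- Must match the service binding's security settings -->
      <binding name="wsHttpEndpointBinding">
        <security mode="Transport">
          <transport clientCredentialType="Windows" />
        </security>
      </binding>
    </wsHttpBinding>
  </bindings>
  <client>
    <!-- Host name must match the subject of the server's certificate -->
    <endpoint name="secureOrderEndpoint"
              address="https://server.corp.example/OrderService.svc"
              binding="wsHttpBinding"
              bindingConfiguration="wsHttpEndpointBinding"
              contract="Example.IOrderService" />
  </client>
</system.serviceModel>
```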