I understsand that if I want to use authentication in WCF then I need to install a certificate on my server which WCF will use to encrypt data passing between my server and client.
For development purposes I believe I can use the makecert.exe util. to make a development certificate.
What is the worst that can happen if I use this certificate on the production environment?
and...
Why cant I use this certificate on the production environment?
and ...
What is the certificate actually going to do in this scenario?
[Edit: Added another question]
finally...
In a scenario where the website has a certificate installed to provide HTTPS support can the same certificate be used for the WCF services as well?
Note on my application: Its a NetTCP client and server service. The users will log in using the same username and password which they use for the website which is passed in clear text. I would be happy to pass the u/n + p/w in cleartext to WCF but this isnt allowed by the framework and a certificate must be in place. However, I dont want to buy an certificate due to budget constraints!
(Sorry for the possibly stupid question but I really dont understand this so would welcome some help with this).