I want to secure my WCF service.
For example if I want to generate public / private key pair without involving any third-party certification authority.
What is the way and method to do it?
Any idea or any other approach.
views:
82answers:
1
A:
You can create test certificates using "makecert" commands as shown here. You can bypass certificate validation checks using configuration such as below, although this is not recommended in a production environment:
<authentication certificateValidationMode="None"
revocationMode="NoCheck" />
I'd have a good read of the configuration options for different scenarios at this CodePlex link, it will show you the different security options and how to configure them.
Tanner
2010-04-09 09:07:37
But i don'nt want to buy certificate in production mode, Does this make sense. Or i need to implement some other way to secure wcf service.
malik
2010-04-09 10:12:15
You can work around it like this so you wouldn't need to buy a cert. The makecert command allows you to generate your own cert and the config prevents validation and checking.
Tanner
2010-04-09 11:10:09
But on production server will it work.Can you give any idea so i can implement security using RSA encryption by extention.
malik
2010-04-10 10:38:28