WCF: programatically configuring the service with certificate

Question

Here's the whole issue: I want to create WCF dll to access WCF services.... the only issue is, when I use the WCF DLL config file with an application that has it's OWN app.config file, the WCF DLL app.config file gets ignored.......

I figure one way to fix this problem is to translate my app.config to code, but unfortunately I don't know what I am doing.

If you look at the app.config file below, you can also see that I use a certificate with an encoded value, which has made it more difficult for me to translate because like I said before I have no idea what I am doing, this is kind of a "learn as you go approach" for me.

Does anyone have any idea of how to accomplish either being able to use the app.config as is, instead of the WCF service accessing the APPLICATION's app.config?

OR

Does anyone have an article, tool or advice on how to translate the following app.config to C#?

any information would be fantastic..... Thanks, in advance.

<system.serviceModel>
    <bindings>
      <customBinding>
        <binding name="customBindingHTTP">
          <security authenticationMode="SecureConversation">
            <localClientSettings maxClockSkew="23:30:00" />
            <secureConversationBootstrap authenticationMode="UserNameForSslNegotiated">
              <localClientSettings maxClockSkew="23:30:00" />
            </secureConversationBootstrap>
          </security>
          <binaryMessageEncoding maxReadPoolSize="20000000" maxWritePoolSize="20000000"
            maxSessionSize="20000000">
            <readerQuotas maxDepth="20000000" maxStringContentLength="20000000"
              maxArrayLength="20000000" maxBytesPerRead="20000000" maxNameTableCharCount="20000000" />
          </binaryMessageEncoding>
          <httpTransport maxBufferPoolSize="20000000" maxReceivedMessageSize="20000000"
            maxBufferSize="20000000" useDefaultWebProxy="false" />
        </binding>
        <binding name="CustomBinding_ITestService">
          <security defaultAlgorithmSuite="Default" authenticationMode="SecureConversation"
            requireDerivedKeys="true" securityHeaderLayout="Strict" includeTimestamp="true"
            keyEntropyMode="CombinedEntropy" messageProtectionOrder="SignBeforeEncryptAndEncryptSignature"
            messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
            requireSecurityContextCancellation="true" requireSignatureConfirmation="false">
            <localClientSettings cacheCookies="true" detectReplays="true"
              replayCacheSize="900000" maxClockSkew="00:05:00" maxCookieCachingTime="Infinite"
              replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
              sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
              timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
            <localServiceSettings detectReplays="true" issuedCookieLifetime="10:00:00"
              maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
              negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00"
              sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
              reconnectTransportOnFailure="true" maxPendingSessions="128"
              maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
            <secureConversationBootstrap defaultAlgorithmSuite="Default"
              authenticationMode="UserNameForSslNegotiated" requireDerivedKeys="true"
              securityHeaderLayout="Strict" includeTimestamp="true" keyEntropyMode="CombinedEntropy"
              messageProtectionOrder="SignBeforeEncryptAndEncryptSignature"
              messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
              requireSecurityContextCancellation="true" requireSignatureConfirmation="false">
              <localClientSettings cacheCookies="true" detectReplays="true"
                replayCacheSize="900000" maxClockSkew="00:05:00" maxCookieCachingTime="Infinite"
                replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
                sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
                timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
              <localServiceSettings detectReplays="true" issuedCookieLifetime="10:00:00"
                maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
                negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00"
                sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
                reconnectTransportOnFailure="true" maxPendingSessions="128"
                maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
            </secureConversationBootstrap>
          </security>
          <binaryMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
            maxSessionSize="2048">
            <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
              maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          </binaryMessageEncoding>
          <httpTransport manualAddressing="false" maxBufferPoolSize="524288"
            maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
            bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
            keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
            realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
            useDefaultWebProxy="true" />
        </binding>
      </customBinding>
    </bindings>
    <client>
      <endpoint address="http://xx.xx.xxx.xxx:xxxx/TestService/custom"
        behaviorConfiguration="ClientCertificateBehavior" binding="customBinding"
        bindingConfiguration="customBindingHTTP" contract="ServiceReference1.ITestService"
        name="CustomBinding_ITestService">
        <identity>
          <certificate encodedValue="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx />
        </identity>
      </endpoint>
    </client>
    <behaviors>
      <endpointBehaviors>
        <behavior name="ClientCertificateBehavior">
          <clientCredentials>
            <serviceCertificate>
              <authentication certificateValidationMode="None" />
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>
  </system.serviceModel>

Answer 1

The code below should be a good starting point for what you require. I've filled in a handful of the properties that I saw in your app.config and set them appropriately.

CustomBinding endpointBinding = new CustomBinding();

SymmetricSecurityBindingElement securityElement = SecurityBindingElement.CreateUserNameForSslBindingElement();
securityElement.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
securityElement.LocalClientSettings.MaxClockSkew = new TimeSpan(23, 30, 0);

endpointBinding.Elements.Add(securityElement);
endpointBinding.Elements.Add(new BinaryMessageEncodingBindingElement());
endpointBinding.Elements.Add(new HttpsTransportBindingElement());

As for the certificate... Once you have a WCF service host object you can add the certificate like so:

 host.Credentials.ServiceCertificate.Certificate = cert;