I implemented a WCF service and a client application for one of the projects for my employer and am currently facing a serious problem with the SOAP body element. The issue is that the SOAP body is not getting encrypted; only the header is encrypted. I am grateful to anyone who can help resolve this issue. I can send the code for this if anyone lets me know their email address. Help is really appreciated on this because I am really stuck now. Anyway, the SOAP request, web configs and the way I created the certificates are given below for your reference...
WCF server config ......................
<!-- Server-side bindings. Only "CustomBinding" is referenced by the service
     endpoint in <services>; "wsHttpEndpointBinding" is declared but no endpoint
     in this config uses it. -->
<bindings>
<wsHttpBinding>
<!-- Unreferenced by any endpoint shown on this page; kept as authored. -->
<binding name="wsHttpEndpointBinding" >
<security>
<message clientCredentialType="Certificate" establishSecurityContext ="true" />
</security>
</binding>
</wsHttpBinding>
<customBinding>
<binding name="CustomBinding">
<!-- Text/SOAP 1.1 encoding over plain HTTP (httpTransport below): every
     confidentiality and integrity guarantee comes from message-level security,
     not from the transport. -->
<textMessageEncoding messageVersion="Soap11" />
<!-- MutualCertificate: both sides authenticate with X.509 certificates.
     EncryptBeforeSign signs the ciphertext (NOTE(review): the platform default is
     reportedly SignBeforeEncrypt; confirm this order is intended).
     keyEntropyMode="ClientEntropy": only the client contributes key material.
     NOTE(review): whether the SOAP body is encrypted is governed by the
     ProtectionLevel on the ServiceContract/OperationContract attributes, not by
     this element; a body that appears in clear may also be a trace captured before
     the security channel runs. Confirm against the contract and the trace point. -->
<security authenticationMode="MutualCertificate" requireDerivedKeys="false"
includeTimestamp="true" keyEntropyMode="ClientEntropy" messageProtectionOrder="EncryptBeforeSign" messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
requireSecurityContextCancellation="false">
<!-- secureConversationBootstrap is only consulted when authenticationMode is
     SecureConversation; under MutualCertificate it is presumably ignored. -->
<secureConversationBootstrap />
</security>
<httpTransport />
</binding>
</customBinding>
</bindings>
<!-- Service host. The application endpoint uses the customBinding declared in
     <bindings>; the mex endpoint publishes metadata without any security. -->
<services>
<service name="mysvc.MySvc" behaviorConfiguration="mysvc.Service1Behavior">
<!-- Relative address "" resolves against the http base address below. -->
<endpoint address="" binding="customBinding" bindingConfiguration ="CustomBinding" contract="mysvc.IMySvc" />
<!-- Unauthenticated metadata endpoint: the WSDL (contract and security policy)
     is readable by anyone who can reach port 8888. -->
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
<host>
<baseAddresses>
<add baseAddress ="http://localhost:8888/" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<endpointBehaviors>
<!-- "inspectorBehavior" is not referenced by either endpoint in <services>;
     consoleOutputBehavior is a custom extension whose code is not shown here. -->
<behavior name="inspectorBehavior">
<consoleOutputBehavior />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="mysvc.Service1Behavior">
<!-- WSDL retrievable via HTTP GET on the base address. -->
<serviceMetadata httpGetEnabled="true"/>
<!-- false keeps exception details and stack traces out of SOAP faults; keep it
     false in production. -->
<serviceDebug includeExceptionDetailInFaults="false"/>
<serviceCredentials>
<!-- Service identity: certificate (with private key) looked up by subject name in
     the machine store. NOTE(review): the makecert command on this page creates
     "CN=WCFServerCert " (capital F, trailing space) while findValue is
     "WCfServerCert"; FindBySubjectName is presumably a case-insensitive substring
     match, so this should still resolve, but confirm. -->
<serviceCertificate findValue="WCfServerCert"
storeLocation="LocalMachine"
storeName="My"
x509FindType="FindBySubjectName" />
<clientCertificate>
<!-- certificateValidationMode="None": the client certificate is not validated
     (no chain or peer-trust check), so any certificate whose private key the
     caller holds, including a self-signed one, is accepted. Development only;
     use ChainTrust or PeerTrust (client cert in TrustedPeople) before deployment. -->
<authentication certificateValidationMode="None" />
</clientCertificate>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
WCF client config .....................
<!-- Client-side configuration mirroring the service's customBinding. -->
<system.serviceModel>
<bindings>
<customBinding>
<binding name="CustomBinding_IMySvc">
<!-- Must agree with the service's security settings (MutualCertificate,
     EncryptBeforeSign, ClientEntropy, same messageSecurityVersion).
     NOTE(review): body encryption is decided by the contract's ProtectionLevel,
     not by this element; confirm the proxy contract (WCFProxy.IMySvc) carries
     EncryptAndSign. -->
<security defaultAlgorithmSuite="Default" authenticationMode="MutualCertificate"
requireDerivedKeys="false" securityHeaderLayout="Strict" includeTimestamp="true"
keyEntropyMode="ClientEntropy" messageProtectionOrder="EncryptBeforeSign"
messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
requireSignatureConfirmation="false">
<!-- Replay detection on; 5 minute clock skew, replay window and timestamp
     validity. -->
<localClientSettings cacheCookies="true" detectReplays="true"
replayCacheSize="900000" maxClockSkew="00:05:00" maxCookieCachingTime="Infinite"
replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
<!-- Service-side settings emitted by the proxy generator; presumably inert on a
     client endpoint. -->
<localServiceSettings detectReplays="true" issuedCookieLifetime="10:00:00"
maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00"
sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
reconnectTransportOnFailure="true" maxPendingSessions="128"
maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
<!-- Only consulted when authenticationMode is SecureConversation; presumably
     ignored under MutualCertificate. -->
<secureConversationBootstrap />
</security>
<!-- Reader quotas bound nesting depth and string/array sizes when parsing the
     service's responses; with maxReceivedMessageSize below they cap what a
     malformed or oversized response can cost the client. -->
<textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
messageVersion="Soap11" writeEncoding="utf-8">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
</textMessageEncoding>
<!-- Plain HTTP, anonymous at the transport level: all protection is
     message-level. -->
<httpTransport manualAddressing="false" maxBufferPoolSize="524288"
maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
useDefaultWebProxy="true" />
</binding>
</customBinding>
</bindings>
<client>
<endpoint address="http://localhost:8888/" binding="customBinding" behaviorConfiguration ="CustomBehavior"
bindingConfiguration="CustomBinding_IMySvc" contract="WCFProxy.IMySvc"
name="CustomBinding_IMySvc" >
<!-- Expected service identity, compared against the service certificate's
     subject. The makecert command on this page creates "CN=WCFServerCert "
     (capital F, trailing space); confirm the identity check tolerates both
     differences. -->
<identity >
<dns value ="WCfServerCert"/>
</identity>
</endpoint>
</client>
<behaviors>
<endpointBehaviors>
<behavior name="CustomBehavior">
<clientCredentials>
<!-- The client's own certificate (with private key), used to sign requests;
     responses are encrypted to it. -->
<clientCertificate findValue="WCfClientCert" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My" />
<serviceCertificate>
<!-- Service certificate supplied out of band from the local store (no
     negotiation in MutualCertificate mode); its public key is what requests are
     encrypted to. -->
<defaultCertificate findValue="WCfServerCert" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My" />
<!-- No chain or peer-trust validation of the service certificate. Tolerable only
     while the cert is taken from the client's own machine store; use ChainTrust
     or PeerTrust before deployment. -->
<authentication certificateValidationMode="None"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors >
</system.serviceModel>
CERTIFICATE creation commands ...............................
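REM Two self-signed roots (-r): private key to the .pvk file (-sv), certificate to
REM the .cer file. They are written to disk only and never imported into a trust
REM store, which is presumably why both configs use certificateValidationMode="None".
makecert -n "CN=WCFServer" -r -sv WCFServer.pvk WCFServer.cer
makecert -n "CN=WCFClient" -r -sv WCFClient.pvk WCFClient.cer
REM End-entity certificates issued by the roots above (-iv issuer key, -ic issuer
REM cert), placed in LocalMachine\My (-sr, -ss) where the configs look them up by
REM subject name. -sky exchange makes the key usable for key exchange, which
REM message encryption needs. -pe marks the private key exportable; the original
REM lines ended in "pe" without the leading dash, which makecert would not read as
REM that switch. The trailing space inside the quoted CN is dropped so the subject
REM matches what the dns identity and findValue are compared against.
makecert -sk WCFServerCert -iv d:\WCFServer.pvk -n "CN=WCFServerCert" -ic d:\WCFServer.cer -sr LocalMachine -ss My -sky exchange -pe
makecert -sk WCFClientCert -iv d:\WCFClient.pvk -n "CN=WCFClientCert" -ic d:\WCFClient.cer -sr LocalMachine -ss My -sky exchange -pe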