views:

29

answers:

2

What is the advantage of using a trusted certificate instead of self-signed for message security in WCF?

As far as i understand it's only used for encryption, not really validating the identity.

A: 

Depends, if you use an SSL certificate to offer the WCF Service in https then it's used for encryption, and the client could require it to be trusted (or not).

If the WCF Service Requires the client to sign the request, it is only used for Validation/Verification - and then you will certainly need a trusted certificate.

(The client certificate is then configured as an <endpointBehavoir>)

Rune Baess