开发者

WCF Client Certificate Authentication

开发者 https://www.devze.com 2023-01-15 17:00 出处:网络
We have a typical client-server WCF service and I would like the following: Client passes a certificate to the Server through the ClientCredentials property

We have a typical client-server WCF service and I would like the following:

  • Client passes a certificate to the Server through the ClientCredentials property
  • Server looks at the certificate and see's that it has been issued by our trusted certificate authority
  • The client is rejected if they use a certificate that is not issued by our CA.

The client has a clientAuthentication certificate installed, along with our trusted CA. The server has our trusted CA certificate installed. I dont want to install any other certificates.

I am flexible on the binding, however it does need to work in a web scenerio.

I thought about using BasicHttpBinding with T开发者_如何学GoransportCredentialOnly, however it doesnt support certificates :(.

Ive tried using wsHttpBinding in Message mode, however that requires a ServerCertificate to perform server authentication and message encryption... which I dont want!

Is there any built-in way to achieve this?


All build in bindings allow using client certificates only when server certificate is used - mutal certificate authentication and security. To support your scenario you will have to handle it completely yourselves. If you want to inject your authentication mechanism to WCF you will have to do custom token and custom credentials.

0

精彩评论

暂无评论...
验证码 换一张
取 消