WCF Message Security

This is a follow-up to my previous post “Accessing a BizTalk WCF Service over SSL with Client Certificate Authentication”.

To change from transport to message security, I did the following:

  1. Changed the receive location configuration.

    The service certificate is, I believe, used to sign the response.

  2. Uncommented
    <endpoint name="HttpMexEndpoint" address="mex" binding="mexHttpBinding" bindingConfiguration="" contract="IMetadataExchange" />
    in the service Web.config again.
  3. Changed security mode in App.config:
    <security mode="Message">
      <message clientCredentialType="Certificate" algorithmSuite="Basic256"/>
    </security>
  4. Since the service certificate did not have the correct common name, I also had to provide a DNS identity in App.config:
    <client>
      <endpoint address="http://…/Orchestrations/WcfService_Orchestrations.svc"
        binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_ITwoWayAsync"
        contract="ServiceReference1.WcfService_Orchestrations" name="WSHttpBinding_ITwoWayAsync">
        <identity>
          <dns value="…"/>
        </identity>
      </endpoint>
    </client>
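
The client-side settings from steps 3 and 4 assembled into one `system.serviceModel` section, as an added example that is not the author's actual App.config. The endpoint behavior (client certificate lookup and service certificate validation) and every value marked PLACEHOLDER are assumptions; the binding, contract and endpoint names are the ones shown above.

```xml
<system.serviceModel>
  <bindings>
    <wsHttpBinding>
      <binding name="WSHttpBinding_ITwoWayAsync">
        <!-- Step 3: SOAP message security over plain HTTP instead of transport (SSL) security -->
        <security mode="Message">
          <message clientCredentialType="Certificate" algorithmSuite="Basic256"/>
        </security>
      </binding>
    </wsHttpBinding>
  </bindings>
  <behaviors>
    <endpointBehaviors>
      <!-- Assumption: behavior name and certificate lookup values are placeholders -->
      <behavior name="ClientCertificateBehavior">
        <clientCredentials>
          <!-- Certificate the client presents to the service -->
          <clientCertificate findValue="CLIENT-CERT-SUBJECT-PLACEHOLDER"
            storeLocation="CurrentUser" storeName="My"
            x509FindType="FindBySubjectName"/>
          <serviceCertificate>
            <!-- Keep chain validation on: the DNS identity below only changes
                 which name is expected, not whether the certificate is trusted -->
            <authentication certificateValidationMode="ChainTrust" revocationMode="Online"/>
          </serviceCertificate>
        </clientCredentials>
      </behavior>
    </endpointBehaviors>
  </behaviors>
  <client>
    <endpoint address="http://HOST-PLACEHOLDER/Orchestrations/WcfService_Orchestrations.svc"
      binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_ITwoWayAsync"
      behaviorConfiguration="ClientCertificateBehavior"
      contract="ServiceReference1.WcfService_Orchestrations" name="WSHttpBinding_ITwoWayAsync">
      <identity>
        <!-- Step 4: name the client expects in the service certificate;
             a certificate carrying any other name is rejected -->
        <dns value="SERVICE-CERT-CN-PLACEHOLDER"/>
      </identity>
    </endpoint>
  </client>
</system.serviceModel>
```

The `dns` identity pins the client to whatever name is configured there, so it should be reviewed again whenever the service certificate is replaced.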