1

I want to enable https for my WCF service and limit usage to only 1 client using client certificate.

Can I generate self-signed client certificate and give it to the only client protected with password? and enable wcf to accept only that certificate?

I don't want my client to use certificate provided by some CA, instead I want to give it's system my own generated one.

EDIT:

As far as I've pointed, client certificates can be used for authentication because of Public/Private key architecture, Client has private key and encrypts data with it, server has it's public key and tries to decrypt data with it,( in RSA a data encrypted with private key can only decrypted with corresponding public key,) so if decryption succeeds server knows it was sent by particular client.

Lev
  • 3,719
  • 6
  • 41
  • 56

2 Answers2

2

You can do that by configuring your service over two separate end points one secured (with certificate) and one without certificate. Check this post for general understanding (not specific to WCF) over Self signed certificate vs CA certificate - Self-signed SSL Cert or CA?

Community
  • 1
  • 1
vibhu
  • 1,657
  • 2
  • 15
  • 19
  • Check this post as well where question shows config file exposing two endpoints (secured and unsecured) - http://stackoverflow.com/questions/4702186/publish-wcf-service-in-iis-with-support-for-both-http-and-https – vibhu Jul 17 '13 at 03:46
0

The complexity of this tutorial is one of the many examples that drove me away from WCF: http://msdn.microsoft.com/en-us/library/windowsazure/hh289316.aspx

Alternatively, you can setup something similar in other frameworks with much less code :)

Hylaean
  • 1,237
  • 13
  • 19