0

All the tutorials i have seen regarding installation of x.509 Certificate assumes that the server machine is your local machine and you have full access to it. But my app is hosted on DiscountASP, so how can I install the certificate on their machine ?

Ladislav Mrnka
  • 360,892
  • 59
  • 660
  • 670
Yaron Levi
  • 12,535
  • 16
  • 69
  • 118

1 Answers1

1

You can't because you don't have permissions to install certificate on hosting server. If you want to use HTTPS you must pay your hosting provider for buying and installing certificate for you (or you must have plan which offers SSL or shared SSL directly). In case of message security (not supported by Silverlight) you can load certificate from file.

Community
  • 1
  • 1
Ladislav Mrnka
  • 360,892
  • 59
  • 660
  • 670
  • I'm interested in message security. But I don't understand what do you mean by "load certificate from file", and why message security is not supported in Silverlight ? In "load certificate from file", do you mean that i place the certificate in my app folder in the server and loads it from there ? Please shed some light on the mechanics, It's all new to me (-: – Yaron Levi Aug 14 '11 at 19:10
  • Did you follow the link? It should show you everything you need to know about loading certificate from file. Bindings using message security are not supported by Silverlight - check [supported bindings](http://msdn.microsoft.com/en-us/library/cc896571%28v=vs.95%29.aspx). – Ladislav Mrnka Aug 14 '11 at 19:39
  • OK, think I understand better now: I can create a self-signed x.509 using the plural-sight tool. place it in my app folder on the server. But I'm still not sure about two things : 1) In the first link you gave me, where does the code considering the "custom service host" and "service host factory" goes ? I mean, when I deploy my app the WCF service is automatically exposed. How can I tell it to run on the custom service host ? 2) Does The client side needs somehow to get the x.509 certificate too ? – Yaron Levi Aug 14 '11 at 22:43
  • If you have .svc file you can open the file (the markup) and provide custom factory in `Service` directive. My example doesn't use .svc file. It uses configuration activation instead. Anyway to make it clear: If you want to consume the service from Silverlight **it will not work**. Silerlight supports only [transport security](http://stackoverflow.com/questions/5673283/wcf-transport-vs-message/5673867#5673867) which means HTTPS and HTTPS must have certificate configured on system level (by windows administrator). – Ladislav Mrnka Aug 15 '11 at 08:35
  • OK Thanks! I don't think transport security and SSL will fit our architecture, so I guess we need to change our security model. I will be posting a new question regarding the new model and potential flaws. I will be great if you could take look and give your professional opinion. – Yaron Levi Aug 15 '11 at 11:31