selfhosting wcf server - load certificate from file instead of certificate store
I'm currently working on a wcf server and would like to load my certificate from a file/resource instead of the certificate store to make deployment easier. Any ideas how to do this?
Thanks for you开发者_Python百科r help!
Suppose you are using duplex channel,you can load certificate from file as the following:
//Load certificate file with private key
var certificate = new X509Certificate2("c:\certificate.pfx", "password");
//Configure your server by to use certificate, for example:
var host = new ServiceHost(typeof(YourService),
new Uri("Your service's uri"));
host.Credentials.ServiceCertificate.Certificate = certificate;
//configure your server to accept client's certificate , accept all
//certificate in this case, or you can assign it to the public key file
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode
= X509CertificateValidationMode.None;
In your client's code, load the certificate as same as above
//configure your client to use certificate
var channelFactory = new ChannelFactory<IYourService>();
channelFactory.Credentials.ClientCertificate.Certificate =
clientCertificate;
//configure your client to accept server's certificate,
//again, for simplicity, just accept any server's certificate
channelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode
= X509CertificateValidationMode.None;
I think you should be okay from this point. Just remember that if you load from a file, you have to load the .pfx file which is generated by pvk2pfx.exe , it has both private key and public key. Otherwise WCF will get confused to where to lookup for private key.
I think this is what you are looking for: http://www.codeproject.com/KB/WCF/wcfcertificates.aspx
The following SO question has a detailed code sample of how to do this, however this may not work where the certificates are password-protected.
Programmatic WCF Message Security with Certificates
加载中,请稍侯......
精彩评论