WCF Certificate Authentication Without Client Installation

Our setup includes a WCF service and several clients that we wrote. Some of the clients include Silverlight applications, while others include applications on the Internet and Windows.

I (think) I would like to authenticate clients based on X.509 certificates. Typically, you should install a private key on the client computer to encrypt (in other words, digitally sign) messages. The server can use the public key of the clients to decrypt it so that the message is not changed and it is confirmed that the message was received from the one we expect (it is authenticated).

I do not want to install the certificate on the client machine. It's a hassle to deploy, and we cannot really ask our customers to do this. I talked with someone the other day who started embedding a certificate in a client assembly, reading it and using it. Is it possible?

It would be great if someone could point me to an example.

Thanks in advance,

David

+3
2 answers

Yes, you can load an X509Certificate2 by passing a byte array of the certificate together with a password, like this:

var clientCertificate = new X509Certificate2(theByteArray, "password");

To get the byte array of the certificate, you can simply copy and paste the contents of the .pfx file, which is a combination of the .cer (public key) and .pvk (private key).

, :

var channelFactory = new ChannelFactory<IYourService>();
channelFactory.Credentials.ClientCertificate.Certificate = clientCertificate;

- .config , this from codeproject

+2
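
The approach from the answer above, worked through as an added example (not code from the original post): the .pfx is read from an embedded assembly resource and attached to the channel factory. The resource name, the `Ping` operation, the binding choice and the endpoint address are assumptions for illustration.

```csharp
using System;
using System.IO;
using System.Reflection;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;

[ServiceContract]
public interface IYourService   // contract name from the answer; Ping is hypothetical
{
    [OperationContract]
    string Ping();
}

public static class EmbeddedCertClient
{
    // Assumed name: client.pfx added to the project with Build Action = Embedded Resource.
    private const string ResourceName = "MyClient.Certs.client.pfx";

    public static X509Certificate2 LoadEmbeddedCertificate(string password)
    {
        using (Stream stream = Assembly.GetExecutingAssembly().GetManifestResourceStream(ResourceName))
        {
            if (stream == null)
                throw new FileNotFoundException("Embedded resource not found: " + ResourceName);
            using (var buffer = new MemoryStream())
            {
                stream.CopyTo(buffer);
                // UserKeySet keeps the private key in the current user's key store, not the machine store.
                var certificate = new X509Certificate2(
                    buffer.ToArray(), password, X509KeyStorageFlags.UserKeySet);
                // A blob holding only the public certificate loads without error but cannot sign.
                if (!certificate.HasPrivateKey)
                    throw new InvalidOperationException("Certificate has no private key.");
                return certificate;
            }
        }
    }

    public static ChannelFactory<IYourService> CreateFactory(string password)
    {
        // Message security with a certificate credential (assumed binding configuration).
        var binding = new WSHttpBinding(SecurityMode.Message);
        binding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;
        // Placeholder address, not from the original post.
        var address = new EndpointAddress("http://service.example.invalid/YourService.svc");
        var channelFactory = new ChannelFactory<IYourService>(binding, address);
        channelFactory.Credentials.ClientCertificate.Certificate = LoadEmbeddedCertificate(password);
        return channelFactory;
    }
}
```

Because the private key and its password ship inside the assembly, anyone holding the client binary can extract them. The server should therefore treat this certificate as identifying the application build rather than an individual user or machine.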

Source: https://habr.com/ru/post/1715695/