Based on a very useful answer from @casperOne, I ended up with the following configuration:
<configuration> <startup> <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.2" /> </startup> <system.serviceModel> <bindings> <wsHttpBinding> <binding> <security mode="TransportWithMessageCredential"> <message clientCredentialType="Certificate" /> </security> </binding> </wsHttpBinding> </bindings> <client> <endpoint address="https://SomeEndPointUrl/v1" binding="wsHttpBinding" behaviorConfiguration="SigningCallback" contract="ServiceReference1.EboxMessagePortType" name="MyBindingConfig"> </endpoint> </client> <behaviors> <endpointBehaviors> <behavior name="SigningCallback"> <clientCredentials> <clientCertificate findValue="*somecertsubjectname*" storeLocation="LocalMachine" storeName="TrustedPublisher" x509FindType="FindBySubjectName" /> </clientCredentials> </behavior> </endpointBehaviors> </behaviors> </system.serviceModel> </configuration>
This is for soap client over https
source share