I have followed the step-by-step to enable X509 using makecert.exe which is pretty easy.
But I can not buy certificates from Certificate Authority (e.g. VerySign). Then, I am looking for altenatives and I would like to know some suggestions for my scenarios. I started to google and I found some articles about Microsoft Certificate Services. Is that only for repository or can I use as tool for generating certificates and then avoid to spend money with CA?
Now I am reading an excelent article (WCF Client Server Application with Custom Authentication, Authorization, Encryption and Compression) to improve my knowledge about security but this article is more complex than I really need. I am just looking for a way to implement security my WCF web services, maybe using public and private keys, AES and RSA but without envolving CA. Could someone give me suggestions? Maybe some article which show how implement security over WCF without buying certificates from CA?