
An easy way to use certificates for WCF security

30 Apr 2007MIT12 min read 478K   7.2K   136  
An easy way to use certificates with Windows Communication Foundation by loading the certificates from files
using System;
using System.Collections.Generic;
using System.Text;
using System.ServiceModel;
using System.ServiceModel.Security;
using System.Security.Cryptography.X509Certificates;

namespace DevAge.ServiceModel
{
    /// <summary>
    /// A <see cref="ServiceHost"/> that applies certificate settings read from
    /// Configuration.Section while the host configuration is being applied.
    /// The server certificate found there is assigned to
    /// Credentials.ServiceCertificate.Certificate, replacing any service certificate
    /// set by the standard configuration. When client certificates are configured,
    /// client certificate validation is switched to Custom mode and handed to a
    /// CustomCertificateValidator built from them.
    /// The binding security must still be configured correctly; this class only
    /// supplies the credentials.
    /// </summary>
    public class CertificateServiceHost : ServiceHost
    {
        /// <summary>
        /// Creates the host for the given service type and base addresses.
        /// </summary>
        /// <param name="serviceType">The type of the hosted service.</param>
        /// <param name="baseAddresses">The base addresses of the hosted service.</param>
        public CertificateServiceHost(Type serviceType, Uri[] baseAddresses)
            : base(serviceType, baseAddresses)
        {
        }

        /// <summary>
        /// Runs the standard configuration, then overlays the certificate settings
        /// of the service element whose key equals Description.Name.
        /// </summary>
        /// <remarks>
        /// If the section, its Services collection, or the matching element is
        /// missing, the method returns without changing anything and without any
        /// error: the host keeps whatever base.ApplyConfiguration() produced.
        /// </remarks>
        protected override void ApplyConfiguration()
        {
            base.ApplyConfiguration();

            // Look up the element for this service; any missing level leaves it null.
            Configuration.ServiceElement serviceConfig = null;
            Configuration.Section certSection = Configuration.Section.GetSection();
            if (certSection != null && certSection.Services != null)
            {
                serviceConfig = certSection.Services.GetElementByKey(Description.Name);
            }

            if (serviceConfig == null)
            {
                // Nothing configured for this service: certificate settings are
                // silently left as the base configuration defined them.
                return;
            }

            // NOTE(review): GetServerCertificate() is defined elsewhere; presumably it
            // loads the certificate (with its private key) from a file - confirm, and
            // make sure that file is readable only by the service account.
            X509Certificate2 hostCertificate = serviceConfig.GetServerCertificate();
            if (hostCertificate != null)
            {
                this.Credentials.ServiceCertificate.Certificate = hostCertificate;
            }

            bool hasClientCertificates = !string.IsNullOrEmpty(serviceConfig.ClientCertificates);
            if (hasClientCertificates)
            {
                UseCustomClientValidation(serviceConfig);
            }
        }

        /// <summary>
        /// Switches client certificate validation to Custom mode and installs a
        /// validator built from the client certificates of the given element.
        /// </summary>
        /// <param name="serviceConfig">The configuration element of this service.</param>
        private void UseCustomClientValidation(Configuration.ServiceElement serviceConfig)
        {
            X509ClientCertificateAuthentication clientAuth =
                this.Credentials.ClientCertificate.Authentication;

            // In Custom mode WCF applies none of its built-in trust modes (chain
            // trust, peer trust); accepting or rejecting a client certificate is
            // decided only by the validator assigned below.
            clientAuth.CertificateValidationMode = X509CertificateValidationMode.Custom;

            // NOTE(review): CustomCertificateValidator is defined elsewhere. Confirm
            // that it rejects every certificate outside the configured set, and
            // whether it also checks expiry and revocation.
            clientAuth.CustomCertificateValidator =
                new CustomCertificateValidator(serviceConfig.GetClientCertificates());
        }
    }
}


License

This article, along with any associated source code and files, is licensed under The MIT License

