WCF Service and Two-way SSL
Posted on 2013-09-24
I have done web services before. I know a WCF Service is somewhat familiar to a .net 3.5 web service difference being more capabilities and contract usages.
However, one thing I really have not done are two-way SSL for a web service.
How do you setup a WCF Service to use x509 certifications?
I know I can do a makecert for my server machine? What cert store do I put that in?
Do I do something with the web.config file for my web service? Do I do anything in the code?
When a client that is consuming the web service executes I presume there is something that is done on their side to send the cert when they call the web service. Do I need that cert before they do anything?
At what point do I validate or verify the web service call from them as coming from a valid cert?
Any information on this would be greatly apprecated.
Code samples can be very useful as well.