So you want to use some channel security in your WCF service. Maybe you even want to guarantee the server you are talking to is who they say they are.
Well, transport security is what you are looking for. It is really quite easy to implement.
Things you will need:
1) A certificate from a trusted signing authority (Thawte, GoDaddy, VeriSign, etc.)
2) A WCF service (duh)
You will need to make changes to the server app.config and the client app.config.
On the Server:
You will need to add this tag to the binding:
We are basically saying here, use transport security but don’t look for a client certificate.
You will also need to create a service behavior.
<serviceCertificate findValue="CN=server.contoso.com" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectDistinguishedName" />
<clientCertificate>
  <authentication certificateValidationMode="None" />
</clientCertificate>
Notice the serviceCertificate tag. This is the important one. The CN=XXXXX value is the portion you need to change to your server's certificate subject.
Now the service is set up. You will need to modify the client app.config as follows:
You need to change the bindings on the client the same way as on the server. Example:
<binding name="TCP_Binding" …..>
<transport clientCredentialType="None" />
Now you have your service protected with SSL and validation.
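The pieces above assembled into complete server and client system.serviceModel sections, as an added example rather than the original post's configuration. netTcpBinding is assumed from the binding name TCP_Binding; the Contoso.OrderService and Contoso.IOrderService names, the behavior name TransportCertBehavior and port 8523 are hypothetical.

```xml
<!-- Server app.config (added example; Contoso.* names and port 8523 are assumed) -->
<system.serviceModel>
  <bindings>
    <netTcpBinding>
      <binding name="TCP_Binding">
        <!-- Transport security; clients present no certificate -->
        <security mode="Transport">
          <transport clientCredentialType="None" />
        </security>
      </binding>
    </netTcpBinding>
  </bindings>
  <behaviors>
    <serviceBehaviors>
      <behavior name="TransportCertBehavior">
        <serviceCredentials>
          <serviceCertificate findValue="CN=server.contoso.com" storeLocation="LocalMachine"
                              storeName="My" x509FindType="FindBySubjectDistinguishedName" />
          <clientCertificate>
            <!-- Applies to client certificates only; none are requested here -->
            <authentication certificateValidationMode="None" />
          </clientCertificate>
        </serviceCredentials>
      </behavior>
    </serviceBehaviors>
  </behaviors>
  <services>
    <service name="Contoso.OrderService" behaviorConfiguration="TransportCertBehavior">
      <endpoint address="net.tcp://server.contoso.com:8523/OrderService" binding="netTcpBinding"
                bindingConfiguration="TCP_Binding" contract="Contoso.IOrderService" />
    </service>
  </services>
</system.serviceModel>
<!-- Client app.config: same binding security settings as the server -->
<system.serviceModel>
  <bindings>
    <netTcpBinding>
      <binding name="TCP_Binding">
        <security mode="Transport">
          <transport clientCredentialType="None" />
        </security>
      </binding>
    </netTcpBinding>
  </bindings>
  <client>
    <endpoint address="net.tcp://server.contoso.com:8523/OrderService" binding="netTcpBinding"
              bindingConfiguration="TCP_Binding" contract="Contoso.IOrderService" />
  </client>
</system.serviceModel>
```

The client endpoint address uses the same host name as the certificate subject, and the certificate's issuing chain has to be trusted on the client machine for the connection to succeed.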