Friday, March 5, 2010

Hosting WCF Service using Transport security with SSL certificates

There are several ways to host a WCF service, as we all know. I came across a scenario where we had to host the WCF service as a Windows service and then enable transport security with a secured certificate. We wanted to use the default SSL port, i.e. 443, but the difference here was that we didn't have IIS installed on the AWS instance (a Win2k8 box hosted somewhere in the cloud). Here are some simple steps to enable transport security with SSL.

First we create a sample WCF class library and host it as a Windows service using 2008.

Next we modify the config file of the Windows service, which should look somewhat like this:
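One way such a config could look, as an added example rather than the file from the original post. The service and contract names (SampleService.Service1, SampleService.IService1) and the binding and behavior names are assumptions; the base address matches the URL used later in this post.

```xml
<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <!-- Transport security: confidentiality and integrity come from SSL on the HTTPS channel -->
        <binding name="secureTransport">
          <security mode="Transport">
            <!-- None = only the server is authenticated (by its certificate); clients send no credential -->
            <transport clientCredentialType="None" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior name="secureBehavior">
          <!-- Publish the WSDL over HTTPS only, never over plain HTTP -->
          <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
          <!-- Keep exception details out of faults returned to callers -->
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <services>
      <!-- Assumed type and contract names; replace with the ones from your class library -->
      <service name="SampleService.Service1" behaviorConfiguration="secureBehavior">
        <host>
          <baseAddresses>
            <!-- No port in the URL, so the HTTPS default (443) is used -->
            <add baseAddress="https://localhost/SampleService" />
          </baseAddresses>
        </host>
        <endpoint address="" binding="basicHttpBinding"
                  bindingConfiguration="secureTransport"
                  contract="SampleService.IService1" />
        <!-- Metadata exchange endpoint, also over HTTPS -->
        <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
      </service>
    </services>
  </system.serviceModel>
</configuration>
```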

In order to test this on a development environment we need to create a temporary self-signed certificate; for more info on creating a temporary certificate, this MSDN article is very helpful.

I used the following commands to create a self-signed temporary certificate:

makecert -sk testRootCA -sky signature -sr localmachine -n "CN=RootTrustedCA" -ss TRUST -r RootTrustedCA.cer
makecert -sk testServer -ss MY -sky exchange -sr localmachine -n "CN=Server" -ic RootTrustedCA.cer -is TRUST

Next we need to bind the temporary certificate to the default HTTPS port, i.e. 443; to achieve this we need to use the httpcfg utility.

Now, if all goes well, after installing and starting the service we should be able to browse to the service URL, i.e. https://localhost/SampleService, and the WSDL via https://localhost/SampleService?wsdl.

Please note that temporary certificates should only be used in development environments and not in production.