How to authenticate users with certificates
Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen
Use the following steps to authenticate users using a client-side certificate:
- Install the service certificate on the WCF service machine.
- If you are using message security, configure service credentials to set the name and location of the service certificate.
- If you are using transport security with wsHttpBinding, install the service certificate on IIS and configure the virtual directory to require SSL and client certificate.
- Configure the service to use certificates for client credentials type as show in the following example
<message clientCredentialType="Certificate" />
- Install the service certificate on the client machine.
- Configure the endpoint behavior to set the name and location of the client certificate.
Make sure the the root CA certificate is in the Trusted Root Certification Authorities
location on both the server and client machines.