- Create certificates
- Configure the web.config
- Configure the IIS
- Sample client application
1. Create certificates
Generate a PFX file from the PVK file. Visit here for more.
pvk2pfx -pvk srvr.pvk -pi password -spc srvr.cer -pfx srvr.pfx
On the server:
Import srvr.pfx into LocalMachine -> Personal, Certificates
Import client1.cer into LocalMachine -> Trusted People, Certificates
On the client:
Import client1.pfx into LocalMachine -> Personal, Certificates
2. Configure the web.config
<system.serviceModel>
  <bindings>
    <webHttpBinding>
      <binding name="webSecureBinding">
        <security mode="Transport">
          <transport clientCredentialType="Certificate"/>
        </security>
      </binding>
    </webHttpBinding>
  </bindings>
  <behaviors>
    <serviceBehaviors>
      <behavior name="securedBehavior">
        <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/>
        <serviceDebug includeExceptionDetailInFaults="false" />
      </behavior>
    </serviceBehaviors>
    <endpointBehaviors>
      <behavior name="webBehavior">
        <webHttp/>
      </behavior>
    </endpointBehaviors>
  </behaviors>
  <services>
    <service name="RestServerWcf.Service" behaviorConfiguration="securedBehavior">
      <endpoint address="" binding="webHttpBinding" bindingConfiguration="webSecureBinding" behaviorConfiguration="webBehavior" contract="RestServerWcf.IService"/>
    </service>
  </services>
  <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
3. Configure the IIS
Add a new binding:
Configure the SSL settings by clicking on SSL Settings:
Finally, set Require SSL:
4. Sample client application
Once we are done with all the configuration, let's build a sample client application to consume the service:
using System.Net;
using System.Security.Cryptography.X509Certificates;

// Generate request
HttpWebRequest request = WebRequest.Create(@"https://server/service.svc/json/customers") as HttpWebRequest;
// Find the certificate in the local store
// (client1.pfx was imported into LocalMachine -> Personal in step 1)
X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
store.Open(OpenFlags.OpenExistingOnly);
X509Certificate2Collection collection = store.Certificates.Find(X509FindType.FindBySubjectName, "Client", false);
store.Close();
X509Certificate cer1 = new X509Certificate(collection[0]);
// Add the certificate into the request
request.ClientCertificates.Add(cer1);
// Hit the service and get the response
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
Done.
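A more defensive way to select the client certificate, as an added example (not code from the original post): it reads the LocalMachine -> Personal store from step 1 and rejects certificates that have no private key, are outside their validity period, or carry an EKU that excludes client authentication. The class and method names are assumptions; the URL and the subject name "Client" are taken from the sample above.

```csharp
using System;
using System.Linq;
using System.Net;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class ClientCertDemo // hypothetical name, not from the original post
{
    const string ClientAuthOid = "1.3.6.1.5.5.7.3.2"; // EKU: TLS client authentication

    // Returns a certificate that can actually authenticate, or throws with the reason.
    static X509Certificate2 FindClientCertificate(string subjectName)
    {
        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
        try
        {
            DateTime now = DateTime.Now; // NotBefore/NotAfter are reported in local time
            X509Certificate2 usable = store.Certificates
                .Find(X509FindType.FindBySubjectName, subjectName, false)
                .Cast<X509Certificate2>()
                .Where(c => c.HasPrivateKey) // a .cer-only import cannot sign the handshake
                .Where(c => c.NotBefore <= now && now <= c.NotAfter)
                .Where(AllowsClientAuth)
                .OrderByDescending(c => c.NotAfter) // prefer the longest-lived match
                .FirstOrDefault();
            if (usable == null)
                throw new InvalidOperationException(
                    "No valid certificate with a private key matches '" + subjectName + "' in LocalMachine\\My.");
            return usable;
        }
        finally { store.Close(); }
    }

    static bool AllowsClientAuth(X509Certificate2 cert)
    {
        var eku = cert.Extensions.OfType<X509EnhancedKeyUsageExtension>().FirstOrDefault();
        // No EKU extension means the certificate is not restricted to listed purposes.
        return eku == null || eku.EnhancedKeyUsages.Cast<Oid>().Any(o => o.Value == ClientAuthOid);
    }

    static void Main()
    {
        var request = (HttpWebRequest)WebRequest.Create("https://server/service.svc/json/customers");
        request.ClientCertificates.Add(FindClientCertificate("Client"));
        using (var response = (HttpWebResponse)request.GetResponse())
            Console.WriteLine("HTTP {0}", (int)response.StatusCode);
    }
}
```

HasPrivateKey only reports that a key is associated with the certificate; the account running the client still needs read access to a LocalMachine private key for the certificate to be presented.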