WCF Service on Client Side - SSL Certificate

0
votes

What do I need to secure communication between Client, Server, AdminConsole (on another Client Computer). I've the following scenario:

AdminConsole (Client2) perform some action (call WCF Server) --> WCF Server (handle action and transmit it to the specific client via another WCF call) --> Client1 (with WCF Service in Windows Service)

Do I have to create for all Clients like Client1 a SSL certificate? -> So for 100 clients = 100 client SSL certs? Or is it enough to secure just the WCF Server with a SSL certificate?

2
c#wcfssl

2 Answers

4
votes

To a degree it depends on what you're trying to do.

If you simply want the client to know its connected to the right server and make the communication confidential and with guaranteed integrity (no one can change things without you knowing) then you just need an SSL cert on the server

If you need the server to know who the client is so it can do audit / authorization then the client must have some way to identify itself to the server. There are a number of options here depending on your requirements from Windows credentials, to custom usernames and password, to client certificates to SAML tokens

2
votes

You only need an SSL certificate for the Server - each client doesn't need one :)