Azure Service Bus Brokered Message Security

0
votes

I'm using Brokered Messaging (Topics/Subscriptions) in Azure Service Bus and I'm curious how (or whether) the communication is secured using SSL.

I'm sending and receiving messages using the connection string:

var connectionString = CloudConfigurationManager.GetSetting("Microsoft.ServiceBus.ConnectionString");
var Client = TopicClient.CreateFromConnectionString(connectionString, "TestTopic");
Client.Send(new BrokeredMessage());

Is that message secure when it is sent?

2
azureazureservicebus

2 Answers

3
votes

Yes and no. The communication to and from your client to the Azure server is encrypted if using TLS (SSL). Once that communication is complete and the data is passed along to the server process, it's no longer secure (it's behind the Azure firewall, etc. etc. but no longer encrypted).

Brokered messaging does not have a message-level security option like relayed messaging (WCF option) so only transport-layer security is used--which means it's only protected while in that transport layer.

1
votes

Yes, they are using SSL by default. It might depend on your connectionstring, but I tested (and verified with Fiddler) with the following connection string and can say it is transport level encrypted: Endpoint=sb://myns.servicebus.windows.net;SharedSecretIssuer=owner;SharedSecretValue=mykey cheers