IIS hosted WCF with SSL Certifcate

1
votes

I am new to WCF and WCF Security. I am trying to use a WCF service using SSL. There are lots of examples on the internet, but I am really confused. The issue is this:

In the IIS we can produce a self-signed certificate, but none of example, I have seen use this option. If I generate a self signed certificate with IIS and put it to IIS and deliver to client. With this scenario can I establish a secure connection. Or like other examples,

Do I have to generate both server certificate and client certificate using mkcert or openssl?

Please note that I want WCF service over https. And try to achieve it using IIS self signed certificate

1
wcfiissslcertificatessl-certificate

1 Answers

1
votes

You can use a self-signed certificate, but ultimately, when you go to Production, you should use a certificate that can be validated against the root SSL authorities or your, and your customers browsers will thrown all kinds of warnings.

In theory, the self-signed is just as secure, in that it is encrypted at the same level, but you do not get the full validation of the 'proper' SSL certs.