4
votes

We've got a WCF Service using BasicHttpBinding with server and client certificates. We are using Transport security:

<security mode="Transport">
  <transport clientCredentialType="Certificate" />
</security>

So far everything works (the client calls a web method and is only allowed to if the client certificate is issued by the trusted CA).

Now we want to check in the WCF service whether the client certificate is a specific certificate. The certificate we are looking for is known to (installed on) the server, too.

How do we get the used client certificate in the service code? How do we load the certificate we want to compare to? How do we compare?

1
Client certificate in transport or message security? That makes a big difference. - Ladislav Mrnka
Transport - I edited the question ... - Hinek

1 Answer

4
votes

Haven't actually tried this myself, but the technique shown in this MSDN article seems to be what you're looking for. It explains how to create a custom certificate validator (didn't know this was possible).
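
An added example (not from the answer above or the MSDN article it mentions) of a custom certificate validator that loads the expected certificate from the server's store and compares it with the one the client presented. The class name, the store location and the thumbprint placeholder are assumptions, as is the service being configured to call the validator (`certificateValidationMode="Custom"` with `customCertificateValidatorType`).

```csharp
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Linq;
using System.Security.Cryptography.X509Certificates;

// Hypothetical validator: accepts exactly one pinned client certificate.
public class PinnedClientCertificateValidator : X509CertificateValidator
{
    // Placeholder: thumbprint of the expected certificate installed on the server.
    private const string ExpectedThumbprint = "<EXPECTED-CERT-THUMBPRINT>";

    // Load the expected certificate once, on first use.
    private readonly Lazy<X509Certificate2> expected =
        new Lazy<X509Certificate2>(LoadExpected);

    private static X509Certificate2 LoadExpected()
    {
        // Assumption: the expected certificate lives in LocalMachine\TrustedPeople.
        var store = new X509Store(StoreName.TrustedPeople, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // validOnly: false, so an expired pin is reported below, not silently missing.
            var found = store.Certificates.Find(
                X509FindType.FindByThumbprint, ExpectedThumbprint, false);
            if (found.Count != 1)
                throw new InvalidOperationException("Expected certificate not found in store.");
            return found[0];
        }
        finally { store.Close(); }
    }

    public override void Validate(X509Certificate2 certificate)
    {
        if (certificate == null)
            throw new ArgumentNullException("certificate");

        // NotBefore/NotAfter are expressed in local time.
        var now = DateTime.Now;
        if (now < certificate.NotBefore || now > certificate.NotAfter)
            throw new SecurityTokenValidationException("Client certificate is outside its validity period.");

        // Compare the full DER encoding. X509Certificate.Equals only compares
        // issuer and serial number, which is weaker than a byte-for-byte match.
        if (!certificate.RawData.SequenceEqual(expected.Value.RawData))
            throw new SecurityTokenValidationException("Client certificate is not the expected certificate.");
    }
}
```

Throwing from `Validate` rejects the caller; returning normally accepts it, so every check the service relies on has to be made inside this method.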