How to pass a certificate to WSTrust to get Saml Token

野趣味 2021-01-21 10:17

Here is an example of getting a token using WSTrustChannelFactory. From here.

var stsBinding = new WS2007HttpBinding();
stsBinding.Security.Mode = SecurityMode.Tra
        
2 answers
  •  清酒与你
    2021-01-21 10:57

    Here you go.

    private static SecurityToken RequestSecurityToken()
    {
        // set up the ws-trust channel factory
        var factory = new WSTrustChannelFactory(
            new UserNameWSTrustBinding(
                SecurityMode.TransportWithMessageCredential),
            _idpAddress);
        factory.TrustVersion = TrustVersion.WSTrust13;

        // look up the client certificate by thumbprint in the LocalMachine\My store
        var authCertificate = X509.LocalMachine.My.Thumbprint.Find(Properties.Settings.Default.RassCertificateThumbprint).FirstOrDefault();
        if (authCertificate == null)
            throw new InternalException(String.Format("No authentication certificate found in store with thumbprint {0}.", Properties.Settings.Default.RassCertificateThumbprint));

        // authentication is based on the RASS certificate
        factory.Credentials.ClientCertificate.Certificate = authCertificate;

        // create token request
        var rst = new RequestSecurityToken
        {
            RequestType = RequestTypes.Issue,
            KeyType = KeyTypes.Symmetric,
            AppliesTo = new EndpointReference(_serviceAddress.AbsoluteUri)
        };

        // request token and return
        return factory.CreateChannel().Issue(rst);
    }
    

    BTW: @Mitch is right about access to the private key. I just took your method and replaced a few lines of code.
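
The private-key point in the answer above, as an added example that is not part of the original answer: a helper that loads the certificate with the standard `X509Store` API and fails early if the process cannot actually use the private key. The class name `ClientCertificateLoader`, its `Load` method and the error messages are hypothetical; it assumes an RSA key and .NET Framework 4.6 or later.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper, not part of the answer's code.
static class ClientCertificateLoader
{
    public static X509Certificate2 Load(string thumbprint)
    {
        // Thumbprints copied from the certificate dialog often carry spaces or
        // an invisible leading character; keep only the hex digits.
        string hex = new string(thumbprint.Where(Uri.IsHexDigit).ToArray()).ToUpperInvariant();

        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
        try
        {
            // validOnly: false, so an expired or untrusted certificate is still
            // returned and reported by the checks below.
            var matches = store.Certificates.Find(X509FindType.FindByThumbprint, hex, false);
            if (matches.Count == 0)
                throw new InvalidOperationException("No certificate with thumbprint " + hex + " in LocalMachine\\My.");

            X509Certificate2 cert = matches[0];
            if (DateTime.Now < cert.NotBefore || DateTime.Now > cert.NotAfter)
                throw new InvalidOperationException("Certificate " + hex + " is outside its validity period.");
            if (!cert.HasPrivateKey)
                throw new InvalidOperationException("Certificate " + hex + " has no private key in this store.");

            try
            {
                // HasPrivateKey only says a key is linked to the certificate.
                // Signing a dummy buffer proves this process account can use it.
                using (RSA rsa = cert.GetRSAPrivateKey())
                {
                    if (rsa == null)
                        throw new InvalidOperationException("Certificate " + hex + " does not have an RSA key.");
                    rsa.SignData(new byte[] { 0 }, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
                }
            }
            catch (CryptographicException ex)
            {
                throw new InvalidOperationException(
                    "Private key of " + hex + " cannot be used by the current account; check the key's read permission.", ex);
            }
            return cert;
        }
        finally { store.Close(); }
    }
}
```

The returned certificate can be assigned to `factory.Credentials.ClientCertificate.Certificate` in place of the lookup in the answer.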
