WCF with netTcpBinding and Certificate transport security

Question

I need to secure a WCF service that uses netTcpBinding and connects directly with a Windows Forms based application. I only need it to be secured at the transport layer.

Answer 1

Read this (covers https case but still may help) and this.

Since we are talking about transport-level security, I don't think your server process should know anything about certificate you are using to provide it.

Answer 2

Try this:

makecert -n "CN=MY COMPANY DEBUG" -pe -sky exchange Debug.cer -sv Debug.pvk
pvk2pfx -pvk Debug.pvk -spc Debug.cer -pfx Debug.pfx

You will then end up with three files, the .cer file (public key), the .pvk (private key), and the .pfx (key exchange with both). You can then install the .pfx file on the server like so:

certutil -p "" -importPFX Certificates\Debug.pfx

At the client end, you only need to install the .cer file. These installs (.cer and .pfx above) you can also do through the Certificates MMC snap-in (Start, Run, MMC.exe, then add the Certificates snap-in for the current machine).