Terrible Performance with WCF and certificates (mutual authentication)

Question

Guys / Gals we are having terrible performance with our website that uses WCF as the application later. We are using message level security and certificates (mutual authenti

Answer 1

Looks like you could solve it using a certificate from a ceritificate authority:

"MakeCert is a tool provided by Microsoft to create test certificates that can be used during the development of a product (For developing and testing purposes only). These certificates have also performance problems, certain cryptographic operations may perform slowly when they are used. Certificates issued from a true Certificate Authority do not have this problem, and it is a know issue."

http://weblogs.asp.net/cibrax/archive/2006/08/08/Creating-X509-Certificates-for-WSE-or-WCF.aspx

Edit: May be the extra activity is due to initial handshake when creating of a session. WCF default is per call, that is a new session is created for each call. You could try marking your contract with:

[ServiceContract(Session = true)]

That may maintain the session and avoid the initial handshake.

Answer 2

I remember a similar issue however it was a good 18 months ago. I found this whilst having a quick look for how i resolved the issue. It may help, I will edit my response when I find what I was looking for!

Answer 3

The additional SCT/RST calls are establishing the security context. If you recreate the proxy on each call, a security context is unneccesary overhead. Turn it off.

The way you use the factory is fine. However, your error handling and closing of the proxy is not. Make sure that you close or abort the proxy in any case. Check msdn for the recommended pattern.

Also can you provide some figures about how bad performance is?