WCF - How do I encrypt messages?

Question

My WCF service involves the sending of a dataset (in csv format) data between client and service. This dataset must be encrypted so that the data cannot be intercepted. I\'m

Answer 1

Yes, your service needs a certificate so that your encryption keys can be exchanged securely. You can create a test service authentication certificate with makecert.exe. See this entry in my blog for the details of that.

You also need to ensure that the account your service is running as is able to read the certificate's private key file. If you're on Windows Vista (or later) the Certificates MMC snap-in allows you to control permissions on that private-key, but for earlier versions of Windows it's a bit harder. I used to use a utility that came with WSE3, but someone else might be able to suggest a more direct way. Unless your service runs as an admin, you will most likely have to adjust these permissions.

Update: like all good things, my blog came to an end. Thanks to makerofthings7 for reminding me. The makecert command you need to generate a service authentication certificate is something like this...

makecert -sr LocalMachine -ss My -pe -n CN=subject-name -eku 1.3.6.1.5.5.7.3.1 -sky exchange

...simply replace subject-name with any certificate name that makes sense for your service.