wcf-security

问题 I have a Silverlight application that connects to a WCF service. Under the basic configuration I am used to, there's no problem connecting this application to its corresponding WCF service. However, recently, one of my clients started using an Apache reverse proxy. This proxy is the public server and it's only used to encrypt HTTP traffic via SSL (HTTPS) going between the client and it. This proxy passes all traffic from it to the actual web server that hosts my application. The traffic

问题 If one way SSL is used (Server Certificate authentication) then data sent from client gets encrypted using Public key of the server certificate. So privacy protection is available for data sent from client. My questions are Does this mean that in One way SSL data sent from Server to client is not encrypted and sent as plain text ? For both server to client and client to server communications the data/message is not signed and so tamper protection or data integrity is not assured. Are there

问题 If one way SSL is used (Server Certificate authentication) then data sent from client gets encrypted using Public key of the server certificate. So privacy protection is available for data sent from client. My questions are Does this mean that in One way SSL data sent from Server to client is not encrypted and sent as plain text ? For both server to client and client to server communications the data/message is not signed and so tamper protection or data integrity is not assured. Are there

问题 If one way SSL is used (Server Certificate authentication) then data sent from client gets encrypted using Public key of the server certificate. So privacy protection is available for data sent from client. My questions are Does this mean that in One way SSL data sent from Server to client is not encrypted and sent as plain text ? For both server to client and client to server communications the data/message is not signed and so tamper protection or data integrity is not assured. Are there

问题 If one way SSL is used (Server Certificate authentication) then data sent from client gets encrypted using Public key of the server certificate. So privacy protection is available for data sent from client. My questions are Does this mean that in One way SSL data sent from Server to client is not encrypted and sent as plain text ? For both server to client and client to server communications the data/message is not signed and so tamper protection or data integrity is not assured. Are there

问题 If one way SSL is used (Server Certificate authentication) then data sent from client gets encrypted using Public key of the server certificate. So privacy protection is available for data sent from client. My questions are Does this mean that in One way SSL data sent from Server to client is not encrypted and sent as plain text ? For both server to client and client to server communications the data/message is not signed and so tamper protection or data integrity is not assured. Are there

问题 I'm just creating my first WCF project, so I have a lot of deficiencies in knowledge in this field. My problem is that when I'm calling my WCF url in web browser, I have to enter the credentials but I cannot even use my domain name and password, but I have to choose my personal chip card certificate and enter it's password. After that, everything work like a charm. My final product should be installed on every user workstation in our domain for IT operations purposes only. So there will be

问题 We are trying to enforce TLS 1.2 in our WCF Service. We have our WCF Service hosted on IIS on our VM Boxes. We are not sure how to disable TLS 1.0 and TLS 1.1 for our service. We have tried the following approach: Configuration change in our WCF Service (Server side) and (client side)** – For the client side, we added the following code in our main method – Remove insecure protocols (SSL3, TLS 1.0, TLS 1.1) ServicePointManager.SecurityProtocol &= ~SecurityProtocolType.Ssl3;

问题 I'm trying to convert an old WCF client to dotnet core. I successfully generated my proxies from the wsdl and have been trying to configure them so I can successfully call the endpoint. It appears, based on some googling, that under dotnet core I need to configure my WCF client from code. Here's the WCF configuration section from the web.config of the old application: <system.serviceModel> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" /> <behaviors> <endpointBehaviors>

问题 I'm trying to convert an old WCF client to dotnet core. I successfully generated my proxies from the wsdl and have been trying to configure them so I can successfully call the endpoint. It appears, based on some googling, that under dotnet core I need to configure my WCF client from code. Here's the WCF configuration section from the web.config of the old application: <system.serviceModel> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" /> <behaviors> <endpointBehaviors>