many servers, one client

I'm planning on deploying a WCF service to multiple devices to receive notifications of certain events. All of the events will originate from a client machine that can provide a certificate to the service to authenticate.

I'm less concerned about the client authenticating each service, but I'm having difficulty choosing the proper WCF security settings to provide this setup. It appears that message-level security requires a client certificate and a service certificate.

But the devices hosting the service will not be able to be maintained in a way that allows us to update the service certificate periodically when it expires. So here are my questions:

  • Is there a way to set up a WCF service for client certificate authentication without a service certificate on the server?

  • Is there a simpler approach for verifying the identity of the caller that I'm missing?


  • I apologize for the brevity of this answer, but it is better to think of it as a Server certificate, rather than a Service certificate. Multiple services could use the same certificate, and you can work around the expiration by not checking for expiration client side. In terms of is there any easier way, WCF supports a variety of authentication and authorization models, here's some useful links.

    http://msdn.microsoft.com/en-us/library/ee748498.aspx

    http://msdn.microsoft.com/en-us/library/ms733131(v=vs.110).aspx

    链接地址: http://www.djcxy.com/p/21608.html

    上一篇: 在CMS中使用网页控制的客户端安全

    下一篇: 许多服务器,一个客户端