Here is a scenario:
- Desktop application
- Installed from the web
- Needs to call a WCF webservice
- Transferred data needs to be encrypted from Client to Server and Server to Client
Is there a well understood solution for this that is:
- Secure
- Easy to manage and deploy
I guess what this comes down to firstly is whether https encryption happens in both directions… Does it? Or do you need mutual authentication for that?
HTTPS is what you’re after – it does provide end-to-end encryption (client-to-server and server-to-client).
So long as you can generate and install a server certificate, and be sure that your clients ‘trust’ the issuing authority of your certificate, then you’re good to go. Note that this is not mutual authentication – your clients know that they have contacted the correct server, but the server does not know who has contacted it.
It can offer mutual authentication through the use of client-side certificates, but I would argue that does not fall under the ‘easy to deploy’ requirement.
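As an added illustration (not part of the answer above), a WCF `app.config` fragment showing both options side by side: transport security with a server certificate only, and the same binding switched to require a client certificate. Service, contract and host names are placeholders.

```xml
<!-- Added example, not from the original answer; names are hypothetical placeholders. -->
<configuration>
  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <!-- Server-authenticated TLS: the client verifies the server certificate,
             traffic is encrypted in both directions, but the server learns
             nothing about who called it. -->
        <binding name="serverAuthOnly">
          <security mode="Transport">
            <transport clientCredentialType="None" />
          </security>
        </binding>
        <!-- Mutual TLS: additionally, each client must present a certificate
             that chains to a CA the server trusts. -->
        <binding name="mutualAuth">
          <security mode="Transport">
            <transport clientCredentialType="Certificate" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <services>
      <!-- Switch bindingConfiguration to "serverAuthOnly" for the simpler deployment. -->
      <service name="Example.OrderService" behaviorConfiguration="requireClientCert">
        <endpoint address="https://service.example.invalid/orders"
                  binding="basicHttpBinding"
                  bindingConfiguration="mutualAuth"
                  contract="Example.IOrderService" />
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="requireClientCert">
          <serviceCredentials>
            <clientCertificate>
              <!-- Validate the presented client certificate against the trusted
                   CA chain and check revocation; only relevant to "mutualAuth". -->
              <authentication certificateValidationMode="ChainTrust"
                              revocationMode="Online" />
            </clientCertificate>
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>
```

The server certificate itself is not referenced here: with `mode="Transport"` it is bound to the HTTPS port by IIS or, for a self-hosted service, with `netsh http add sslcert`, which is the part that must be managed and trusted by the clients.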