Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
What is the best way to implement https security for transport without a certificate? Should I just for instance use basicHttpBinding with SecurityMode to Transport and ClientCredentialType to HttpClientCredentialType? I did it in a way described but then when accessing WSDL I have a ceritificate warning.
You cannot. HTTPS is just HTTP tunneled inside of SSL/TLS and SSL/TLS requires the use of a certificate on the server side. If this is for testing, or only use by clients that you control, you can choose to do one of these options in place of paying for a CA-issued certificate.
Use a self-signed certificate. In order for this to work without your client getting a warning, you would need to import the certificate into the clients’ trust store (usually part of the browser).
Use a certificate issued by a Certificate Authority (CA) that you control and have that CA’s issuing certificate (or root) imported/trusted by all of your clients. This is mos useful if you have multiple servers in your environment and you need all of the clients in your environment to trust them.
If you need external clients to connect to your servers without doing any import/trust on the clients, you will need to procure a certificate from a globally-recognized CA like Verisign.