I am implementing a WCF service that will be used (partially) on a private LAN.
I will use netTcpBinding and would like to implement some form of security in messages, or rather, it is important that the data is encrypted so that (for example) no one can view the data transmitted over the network.
I do not believe that Windows authentication will be appropriate, as the end user may not support their logins and roles in Windows strictly enough to use them as authentication. Am I right in thinking that would make him inappropriate? Please correct me if I am wrong.
My question is: what is the easiest way to implement encryption in a WCF service using netTcpBinding? especially when the Windows credential type is not available.
I tried experimenting with certificates (generating my own using makecert), but there is a clear lack of tutorials and documentation describing how to do this, from start to finish using TCP and hosting the service in something other than IIS. Many of them tell you how to create certificates in detail (and none of these tutorials exactly differs from this) and end by saying something like
use them to sign the service and client
... well, unfortunately, this is a process that I need a little more explanation about!
Typically, the certificate solution seems to be on top and a little too easy to get encrypted data!
Any help or corrections to any assumptions I could make would be truly appreciated.
security c # tcp wcf nettcpbinding
Lewray
source share