ControlSystemWorks Blog - Certificate security for WCF over MSMQ communication

Monday, September 28, 2009

« CSWorks 1.0.3540.0 released | Main | CSWorks 1.0.3560.0 released »

Certificate security for WCF over MSMQ communication

While working on one of my projects, I had to make WCF run over a farm of load-balanced message queues. After several days of web search, asking questions and coding I have come up with the following "Step-by step guide for setting up certificate security for WCF over MSMQ communication".

The goal is to implement a secured WCF communication based on MSMQ under the following requirements/assumptions/recommendations.

All MSMQ traffic must be encrypted and signed.
No involvement of Windows Domain security and Active Directory.
No code changes required on the client or on the server side.
MSMQ version 4.0 (W2K8) is used, but it would be nice to have a solution that works on MSMQ 3.0 (W2K3) as well.
There must be a well-established and straightforward routine for setting up secured communication that can be followed during test/staging/production deployment.

The weapon of choice is message-based certificate security. To put it simple, it means two things:

all security-related activities happen on WCF level, MSMQ engine works only as a transport;

certificate keys are stored on client and server machines.

Read on...

msmq | security | wcf

Sergey Sorokin Monday, September 28, 2009 9:52:32 PM (Pacific Daylight Time, UTC-07:00)

| Comments [0] | Related posts:
Silverlight 4 - relative web service address support
Running CSWorks demo applications from remote clients

Comments are closed.

On this page....