ControlSystemWorks Blog - msmq http://www.controlsystemworks.com/blog/ Of CSWorks and software development en-us ControlSystemWorks.com Tue, 29 Sep 2009 04:52:32 GMT newtelligence dasBlog 2.3.9074.18820 support@ControlSystemWorks.net support@ControlSystemWorks.net http://www.controlsystemworks.com/blog/Trackback.aspx?guid=8ebcd9ee-d6b3-48a2-9a0c-789bada4a4fa http://www.controlsystemworks.com/blog/pingback.aspx http://www.controlsystemworks.com/blog/PermaLink,guid,8ebcd9ee-d6b3-48a2-9a0c-789bada4a4fa.aspx Sergey Sorokin http://www.controlsystemworks.com/blog/SyndicationService.asmx/GetEntryCommentsRss?guid=8ebcd9ee-d6b3-48a2-9a0c-789bada4a4fa

While working on one of my projects, I had to make WCF run over a farm of load-balanced message queues. After several days of web search, asking questions and coding I have come up with the following "Step-by step guide for setting up certificate security for WCF over MSMQ communication".

The goal is to implement a secured WCF communication based on MSMQ under the following requirements/assumptions/recommendations.

  • All MSMQ traffic must be encrypted and signed.
  • No involvement of Windows Domain security and Active Directory.
  • No code changes required on the client or on the server side.
  • MSMQ version 4.0 (W2K8) is used, but it would be nice to have a solution that works on MSMQ 3.0 (W2K3) as well.
  • There must be a well-established and straightforward routine for setting up secured communication that can be followed during test/staging/production deployment.

The weapon of choice is message-based certificate security. To put it simple, it means two things:

  • all security-related activities happen on WCF level, MSMQ engine works only as a transport;
  • certificate keys are stored on client and server machines.

    • Read on...

    Certificate security for WCF over MSMQ communication http://www.controlsystemworks.com/blog/PermaLink,guid,8ebcd9ee-d6b3-48a2-9a0c-789bada4a4fa.aspx http://www.controlsystemworks.com/blog/2009/09/29/CertificateSecurityForWCFOverMSMQCommunication.aspx Tue, 29 Sep 2009 04:52:32 GMT <p> While working on one of my projects, I had to make WCF run over a farm of load-balanced message queues. After several days of web search, asking questions and coding I have come up with the following "Step-by step guide for setting up certificate security for WCF over MSMQ communication". </p> <p> The goal is to implement a secured WCF communication based on MSMQ under the following requirements/assumptions/recommendations. </p> <ul> <li> All MSMQ traffic must be encrypted and signed.</li> <li> No involvement of Windows Domain security and Active Directory.</li> <li> No code changes required on the client or on the server side.</li> <li> MSMQ version 4.0 (W2K8) is used, but it would be nice to have a solution that works on MSMQ 3.0 (W2K3) as well.</li> <li> There must be a well-established and straightforward routine for setting up secured communication that can be followed during test/staging/production deployment.</li> </ul> <p> The weapon of choice is message-based certificate security. To put it simple, it means two things: <p> <li> all security-related activities happen on WCF level, MSMQ engine works only as a transport;</li> <li> certificate keys are stored on client and server machines.</li> <p> <a href="http://www.controlsystemworks.com/articles/CertificateSecurityForWcfOverMsmq.html">Read on...</a> </p> <img width="0" height="0" src="http://www.controlsystemworks.com/blog/aggbug.ashx?id=8ebcd9ee-d6b3-48a2-9a0c-789bada4a4fa" /> http://www.controlsystemworks.com/blog/CommentView,guid,8ebcd9ee-d6b3-48a2-9a0c-789bada4a4fa.aspx msmq security wcf