While working on one of my projects, I had to make WCF run over a farm of load-balanced message queues. After several days of web search, asking questions and coding I have come up with the following "Step-by step guide for setting up certificate security for WCF over MSMQ communication".
The goal is to implement a secured WCF communication based on MSMQ under the following requirements/assumptions/recommendations.
- All MSMQ traffic must be encrypted and signed.
- No involvement of Windows Domain security and Active Directory.
- No code changes required on the client or on the server side.
- MSMQ version 4.0 (W2K8) is used, but it would be nice to have a solution that works on MSMQ 3.0 (W2K3) as well.
- There must be a well-established and straightforward routine for setting up secured communication that can be followed during test/staging/production deployment.
The weapon of choice is message-based certificate security. To put it simple, it means two things:
- all security-related activities happen on WCF level, MSMQ engine works only as a transport;
- certificate keys are stored on client and server machines.
- Breaking changes in DataManager (DataItem collection)
- Microsoft Excel 2007 sample (SOAP Web Service)
- No more third-party OPC RCWs
- Added LiveData Agent examples (WCF, SOAP, Multiplexor)
- Added "caseSensitive" setting to OPC LiveData Provider
- SQL LiveData Provider now supports ODBC data sources