selfhosting wcf server - load certificate from file instead of certificate store

Question

I'm currently working on a wcf server and would like to load my certificate from a file/resource instead of the certificate store to make deployment easier. Any ideas how to do this?

Thanks for your help!

Answer 1

Suppose you are using duplex channel,you can load certificate from file as the following:

//Load certificate file with private key
var certificate = new X509Certificate2("c:\certificate.pfx", "password");

//Configure your server by to use certificate, for example:
var host = new ServiceHost(typeof(YourService), 
                         new Uri("Your service's uri"));
host.Credentials.ServiceCertificate.Certificate = certificate;

//configure your server to accept client's certificate , accept all
//certificate in this case, or you can assign it to the public key file
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode
                           = X509CertificateValidationMode.None;

In your client's code, load the certificate as same as above

//configure your client to use certificate
var channelFactory = new ChannelFactory<IYourService>();
channelFactory.Credentials.ClientCertificate.Certificate = 
                                             clientCertificate;

//configure your client to accept server's certificate, 
//again, for simplicity, just accept any server's certificate
channelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode
                           = X509CertificateValidationMode.None;

I think you should be okay from this point. Just remember that if you load from a file, you have to load the .pfx file which is generated by pvk2pfx.exe , it has both private key and public key. Otherwise WCF will get confused to where to lookup for private key.