Configure WCF service client with certificate authentication programmatically

espvar picture espvar · Jan 10, 2012 · Viewed 13k times · Source

How do i setup a ServiceClient using Certificate authentication programmatically in c#?
And i don't want to use .config.

       using(var srv = GetServiceInstance())
       {
            srv.DoStuff()
        }

        private  TheServiceClient GetServiceInstance()
        {
            var service = new TheServiceClient(CreateWsHttpBinding(), CreateEndpointAdress());
            return service;
        }
        private static WSHttpBinding CreateWsHttpBinding()
        {
        var wsHttpBinding = new WSHttpBinding();
        wsHttpBinding.Security.Mode = SecurityMode.Message;

        wsHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
        wsHttpBinding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.None;
        wsHttpBinding.Security.Transport.Realm = "";
        wsHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;

        wsHttpBinding.Security.Message.NegotiateServiceCredential = true;
        wsHttpBinding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;

        wsHttpBinding.Name = "Bindingname";
        wsHttpBinding.CloseTimeout = TimeSpan.FromMinutes(1);
        wsHttpBinding.OpenTimeout = TimeSpan.FromMinutes(1);
        wsHttpBinding.ReceiveTimeout = TimeSpan.FromMinutes(10);
        wsHttpBinding.SendTimeout = TimeSpan.FromMinutes(1);
        wsHttpBinding.BypassProxyOnLocal = false;
        wsHttpBinding.TransactionFlow = false;
        wsHttpBinding.HostNameComparisonMode = HostNameComparisonMode.StrongWildcard;
        wsHttpBinding.MaxBufferPoolSize = 524288;
        wsHttpBinding.MaxReceivedMessageSize = 65536;
        wsHttpBinding.MessageEncoding = WSMessageEncoding.Text;
        wsHttpBinding.TextEncoding = Encoding.UTF8;
        wsHttpBinding.UseDefaultWebProxy = true;
        wsHttpBinding.AllowCookies = false;

        wsHttpBinding.ReaderQuotas.MaxDepth = 32;
        wsHttpBinding.ReaderQuotas.MaxArrayLength = 16384;
        wsHttpBinding.ReaderQuotas.MaxStringContentLength = 8192;
        wsHttpBinding.ReaderQuotas.MaxBytesPerRead = 4096;
        wsHttpBinding.ReaderQuotas.MaxNameTableCharCount = 16384;

        wsHttpBinding.ReliableSession.Ordered = true;
        wsHttpBinding.ReliableSession.InactivityTimeout = TimeSpan.FromMinutes(10);
        wsHttpBinding.ReliableSession.Enabled = false;

        return wsHttpBinding;
    }
        private static EndpointAddress CreateEndpointAdress()
        {
            var store = new X509Store(StoreName.TrustedPeople, StoreLocation.CurrentUser);
            store.Open(OpenFlags.ReadOnly);
            var cert = store.Certificates.Find(X509FindType.FindBySubjectDistinguishedName, "CN=Certname", false)[0];
            store.Close();

        var endpointIdentity = EndpointIdentity.CreateX509CertificateIdentity(cert);
        var endpoint = new EndpointAddress(new Uri("ServiceUri"), endpointIdentity);

        return endpoint;
    }

So this is what i have so far! Using this returns an error saying :

The client certificate is not provided. Specify a client certificate in ClientCredentials.

Anyone have an idea? Be gentle, I'm new to this!

Answer

anton.burger picture anton.burger · Jan 10, 2012

As discovered in comments on the other answer, you need to set service.ClientCredentials.ClientCertificate.Certificate directly.