[Mono-dev] self hosted WCF service with client certificates?

Edward Ned Harvey (mono) edward.harvey.mono at clevertrove.com
Thu Nov 12 12:46:03 UTC 2015

Martin, is this a question for you?

> From: mono-devel-list-bounces at lists.ximian.com [mailto:mono-devel-list-
> bounces at lists.ximian.com] On Behalf Of Darkness
> I currently have the following up and running without issues:
> * self hosted WCF service, compiled with .Net/Visual studio 2013, running on
> Linux+mono 3.12.0
> * WCF service uses basicHttpBinding with transport security (self-signed
> certificate with rootCA certificate)
> * WCF client running on windows/.Net 4.0 with corresponding
> basicHttpBinding
> configuration
> The client can connect and communicate with this service (client currently
> ignores the certificate error due to self-signed certificate -
> ServicePointManager.ServerCertificateValidationCallback)

Does WCF service using basicHttpBinding use SslStream under the hood? Or something else provided by the OS?

Last I knew, SslStream as a server, works for self-signed certs, but fails if you have a real cert signed by a CA intermediate.

> However, I would like to add client certificates to this setup to be able to
> identify clients on the server side for client-specific handling.

Given that SslStream doesn't work in a *standard* configuration, is there any chance of client cert authentication working?

More information about the Mono-devel-list mailing list