2-Way SSL for WCF Web Service Hosted on IIS

-

I recently was involved in getting the above to work in our environment. The steps follows:

  1. Ensure that the SSL certificates are correctly signed
  2. Ensure that the SSL certificate chain is present and valid
  3. Install the certificates in the “Current User” account for validation
    1. Execute mmc.exe, add “Certificates” snap-in with “My user account”
    2. Install the certificate within “Personal” store
    3. Verify by using Internet Explorer to retrieve the WSDL from the remote web service
    4. If the certificate and chain are correct, Internet Explorer will validate them and report so with “Certificate is OK”
  4. Install the certificates (and the entire chain) in the “Local Computer” account
    1. Execute mmc.exe, add “Certificates” snap-in with “Computer account”
    2. Install the certificate within “Personal” store
    3. Note the thumbprint of the certificate
  5. Configure the WCF web.config to make use of “Client Certificates” by finding the certificate
    1. within the “LocalMachine”
    2. using the thumbprint (remove the spaces)
  6. Note the IIS application pool name configured to execute requests to the WCF web service (e.g. web service pool)
  7. Find the certificate in mmc for “Local Computer” account, right-click on the certificate to “Manage Private Keys”
  8. In the Permissions Dialog,
    1. add the user “IIS AppPool\PoolName” (e.g. IIS App Pool\web service pool)
    2. allow the user “Full Control”

Comments

Post a Comment

Popular posts from this blog

Understanding ITIL Service Management the UML way…

-
Image
I originally had a great deal of difficult reconciling the differences amongst ITIL Change Management, Incident Management, and Problem Management. Having researched on the subjects and understanding them better now, I’ve tried to put the concepts together using a UML class diagram to capture my understanding and to keep it imprinted. Similarly, I wanted to differentiate the various categories of changes (Standard, Emergency, Normal) using an easy to understand & self-explanatory manner – a UML Activity Diagram!
Read more

How to depict (Professional-Looking) Logical Network Diagrams in Astah

-
Image
I have always had to create (professional-looking) UML diagrams using Visio-like icons. You’ve got to admit that showing a bunch of boring UML boxes hardly interests anyone less technical (like anyone whose designation has the words “manager” or “director”). This is actually possible in Astah! I’ve created a template for future projects that allows me to produce logical network diagrams that look like the following: To create this diagram, you need to do the following: Assign various icons to stereotypes. I created the following for my use: Create a new UML Deployment Diagram Every element in the diagram is created as a Node The nodes are subsequently assigned the appropriate <<stereotype>>. E.g. Internet is <<internet>>, WebZone FW is <<firewall>>, Web LB is <<loadBalancer>> Ensure the “Icon Notation” is set to “Customized Icon” for each node Instead of the boring boxes, the corresponding icons automatically gets displayed!
Read more