/// <summary>
/// Configures the credentials of a test service that accepts issued (federated) tokens:
/// sets the machine certificate as the service certificate, registers the audience URIs
/// the service accepts tokens for, and registers the STS endpoint as the issuer.
/// </summary>
/// <remarks>
/// Security: the identity configuration runs with
/// <see cref="X509CertificateValidationMode.None"/>, so X.509 certificates handled through
/// it are not validated. Trust in incoming tokens rests on the audience restriction and on
/// the <c>CustomIssuerNameRegistry</c> set at the end. This is a test-host setting and
/// should not be copied into a production service.
/// </remarks>
protected override void ApplyConfiguration()
{
    base.ApplyConfiguration();

    Credentials.ServiceCertificate.Certificate = TestHost.CertificateFromFriendlyName(
        StoreName.My,
        StoreLocation.LocalMachine,
        "WCF Bridge - Machine certificate generated by the CertificateManager");
    Credentials.UseIdentityConfiguration = true;

    // Default to the first base address so the variable is always assigned,
    // then switch to the first https base address if there is one.
    Uri serverBasePathUri = BaseAddresses[0];
    foreach (Uri candidate in BaseAddresses)
    {
        if (candidate.Scheme != "https")
        {
            continue;
        }

        serverBasePathUri = candidate;
        break;
    }

    var identity = Credentials.IdentityConfiguration;
    var allowedAudiences = identity.AudienceRestriction.AllowedAudienceUris;

    var audience = new UriBuilder(serverBasePathUri);
    audience.Path += "/" + Address;

    // The same endpoint path is registered under three host names. Every entry widens
    // the set of tokens this service accepts, so the list is kept to names this host
    // answers to.

    // 1) localhost: the host name used when self hosted (IIS hosting used the fqdn).
    audience.Host = "localhost";
    allowedAudiences.Add(audience.Uri);

    // 2) fully qualified domain name, taken from a lookup of the loopback address.
    audience.Host = System.Net.Dns.GetHostEntry("127.0.0.1").HostName;
    allowedAudiences.Add(audience.Uri);

    // 3) NetBIOS machine name.
    audience.Host = Environment.MachineName;
    allowedAudiences.Add(audience.Uri);

    // No certificate validation on the identity configuration (see remarks).
    identity.CertificateValidationMode = X509CertificateValidationMode.None;

    string stsRelativePath = FederationSTSServiceHost.BasePath + "/" + FederationSTSServiceHost.RelativePath;
    var issuerUri = new Uri(serverBasePathUri, stsRelativePath);
    identity.IssuerNameRegistry = new CustomIssuerNameRegistry(issuerUri.ToString());
}
/// <summary>
/// Configures the credentials of a test service that accepts issued (federated) tokens.
/// For every entry of <c>FederationSTSServiceHost.EndpointList</c> and every
/// <c>WSMessageEncoding</c> name, two audience paths are registered through
/// <c>AddAllowedAudienceUri</c>: <c>{Item3}/{encoding}</c> and <c>{Item3}/sc/{encoding}</c>.
/// </summary>
/// <remarks>
/// Security: the identity configuration runs with
/// <see cref="X509CertificateValidationMode.None"/>, so X.509 certificates handled through
/// it are not validated. Acceptance of a token then depends on the audience list built
/// here and on <c>CustomIssuerNameRegistry</c>. This is a test-host setting and should
/// not be copied into a production service.
/// </remarks>
protected override void ApplyConfiguration()
{
    base.ApplyConfiguration();

    Credentials.ServiceCertificate.Certificate = TestHost.CertificateFromFriendlyName(
        StoreName.My,
        StoreLocation.LocalMachine,
        "WCF Bridge - Machine certificate generated by the CertificateManager");
    Credentials.UseIdentityConfiguration = true;

    // Default to the first base address so the variable is always assigned,
    // then switch to the first https base address if there is one.
    Uri serverBasePathUri = BaseAddresses[0];
    foreach (Uri candidate in BaseAddresses)
    {
        if (candidate.Scheme != "https")
        {
            continue;
        }

        serverBasePathUri = candidate;
        break;
    }

    foreach (var endpoint in FederationSTSServiceHost.EndpointList)
    {
        var endpointPath = endpoint.Item3;
        foreach (string encoding in Enum.GetNames(typeof(WSMessageEncoding)))
        {
            // Plain variant first, then the "/sc/" variant of the same endpoint.
            AddAllowedAudienceUri(serverBasePathUri, endpointPath + "/" + encoding);
            AddAllowedAudienceUri(serverBasePathUri, endpointPath + "/sc/" + encoding);
        }
    }

    var identity = Credentials.IdentityConfiguration;

    // No certificate validation on the identity configuration (see remarks).
    identity.CertificateValidationMode = X509CertificateValidationMode.None;
    identity.IssuerNameRegistry = new CustomIssuerNameRegistry();
}
/// <summary>
/// Selects the service certificate for this test host: the LocalMachine\My certificate
/// with the friendly name
/// "WCF Bridge - TcpCertificateWithSubjectCanonicalNameLocalhostResource".
/// </summary>
/// <remarks>
/// The certificate is found by friendly name and then bound by thumbprint, so the store
/// lookup in <c>SetCertificate</c> matches that certificate's thumbprint.
/// </remarks>
protected override void ApplyConfiguration()
{
    base.ApplyConfiguration();

    var certificate = TestHost.CertificateFromFriendlyName(
        StoreName.My,
        StoreLocation.LocalMachine,
        "WCF Bridge - TcpCertificateWithSubjectCanonicalNameLocalhostResource");
    string thumbprint = certificate.Thumbprint;

    Credentials.ServiceCertificate.SetCertificate(
        StoreLocation.LocalMachine,
        StoreName.My,
        X509FindType.FindByThumbprint,
        thumbprint);
}
/// <summary>
/// Selects the service certificate for this test host: the LocalMachine\My certificate
/// with the friendly name
/// "WCF Bridge - Machine certificate generated by the CertificateManager".
/// </summary>
/// <remarks>
/// The certificate is found by friendly name and then bound by thumbprint, so the store
/// lookup in <c>SetCertificate</c> matches that certificate's thumbprint.
/// </remarks>
protected override void ApplyConfiguration()
{
    base.ApplyConfiguration();

    var certificate = TestHost.CertificateFromFriendlyName(
        StoreName.My,
        StoreLocation.LocalMachine,
        "WCF Bridge - Machine certificate generated by the CertificateManager");
    string thumbprint = certificate.Thumbprint;

    Credentials.ServiceCertificate.SetCertificate(
        StoreLocation.LocalMachine,
        StoreName.My,
        X509FindType.FindByThumbprint,
        thumbprint);
}
/// <summary>
/// Selects the service certificate for this test host: the LocalMachine\My certificate
/// with the friendly name "WCF Bridge - TcpInvalidEkuServerCert".
/// </summary>
/// <remarks>
/// NOTE(review): judging by its friendly name, this certificate presumably carries an
/// enhanced key usage that is not valid for server authentication, for negative tests
/// on the client side. Confirm against the certificate generator. It must never be
/// used by a real service.
/// </remarks>
protected override void ApplyConfiguration()
{
    base.ApplyConfiguration();

    var certificate = TestHost.CertificateFromFriendlyName(
        StoreName.My,
        StoreLocation.LocalMachine,
        "WCF Bridge - TcpInvalidEkuServerCert");
    string certThumbprint = certificate.Thumbprint;

    Credentials.ServiceCertificate.SetCertificate(
        StoreLocation.LocalMachine,
        StoreName.My,
        X509FindType.FindByThumbprint,
        certThumbprint);
}
/// <summary>
/// Selects the service certificate for this test host: the LocalMachine\TrustedPeople
/// certificate with the friendly name "WCF Bridge - UserPeerTrustCertificateResource".
/// </summary>
/// <remarks>
/// Unlike the other hosts, both the friendly-name lookup and the thumbprint lookup use
/// the TrustedPeople store, not the My store.
/// NOTE(review): presumably this supports peer-trust tests. Confirm with the client side.
/// </remarks>
protected override void ApplyConfiguration()
{
    base.ApplyConfiguration();

    var certificate = TestHost.CertificateFromFriendlyName(
        StoreName.TrustedPeople,
        StoreLocation.LocalMachine,
        "WCF Bridge - UserPeerTrustCertificateResource");
    string thumbprint = certificate.Thumbprint;

    Credentials.ServiceCertificate.SetCertificate(
        StoreLocation.LocalMachine,
        StoreName.TrustedPeople,
        X509FindType.FindByThumbprint,
        thumbprint);
}
/// <summary>
/// Configures a test host that requests client certificates but does not validate them,
/// and binds the machine certificate from LocalMachine\My as the service certificate.
/// </summary>
/// <remarks>
/// Security: <see cref="X509CertificateValidationMode.None"/> on the client certificate
/// authentication means that any certificate a client presents is accepted without chain
/// or peer-trust checks. The setting exists for test scenarios only. A production
/// service should use ChainTrust, PeerTrust, or a custom validator instead.
/// </remarks>
protected override void ApplyConfiguration()
{
    base.ApplyConfiguration();

    // Resolve the https certificate first, so a missing certificate surfaces before
    // this endpoint resource is used.
    var machineCertificate = TestHost.CertificateFromFriendlyName(
        StoreName.My,
        StoreLocation.LocalMachine,
        "WCF Bridge - Machine certificate generated by the CertificateManager");
    string machineThumbprint = machineCertificate.Thumbprint;

    // Client certificates are not validated (see remarks).
    Credentials.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;

    Credentials.ServiceCertificate.SetCertificate(
        StoreLocation.LocalMachine,
        StoreName.My,
        X509FindType.FindByThumbprint,
        machineThumbprint);
}
/// <summary>
/// Configures a test host that validates client certificates with a custom validator
/// and binds the machine certificate from LocalMachine\My as the service certificate.
/// </summary>
/// <remarks>
/// Security: with <see cref="X509CertificateValidationMode.Custom"/> the accept/reject
/// decision for client certificates belongs to <c>MyX509CertificateValidator</c>, so the
/// strength of client authentication equals the strength of that validator.
/// NOTE(review): the argument "DO_NOT_TRUST_WcfBridgeRootCA" is presumably the issuer
/// name the validator expects. Confirm in the validator, and check that it inspects
/// more than a name string.
/// </remarks>
protected override void ApplyConfiguration()
{
    base.ApplyConfiguration();

    // Custom mode needs a validator instance, and both are set on the same
    // authentication object.
    var clientAuthentication = Credentials.ClientCertificate.Authentication;
    clientAuthentication.CertificateValidationMode = X509CertificateValidationMode.Custom;
    clientAuthentication.CustomCertificateValidator = new MyX509CertificateValidator("DO_NOT_TRUST_WcfBridgeRootCA");

    var machineCertificate = TestHost.CertificateFromFriendlyName(
        StoreName.My,
        StoreLocation.LocalMachine,
        "WCF Bridge - Machine certificate generated by the CertificateManager");
    string machineThumbprint = machineCertificate.Thumbprint;

    Credentials.ServiceCertificate.SetCertificate(
        StoreLocation.LocalMachine,
        StoreName.My,
        X509FindType.FindByThumbprint,
        machineThumbprint);
}
/// <summary>
/// Configures the credentials of a test service that accepts issued (federated) tokens:
/// sets the machine certificate as the service certificate, allows one audience URI
/// built from the first base address plus <c>BasePath/Address</c>, and registers the STS
/// endpoint as the issuer.
/// </summary>
/// <remarks>
/// Security: the identity configuration runs with
/// <see cref="X509CertificateValidationMode.None"/>, so X.509 certificates handled through
/// it are not validated. Acceptance of a token then depends on the single allowed
/// audience and on <c>CustomIssuerNameRegistry</c>. This is a test-host setting and
/// should not be copied into a production service.
/// </remarks>
protected override void ApplyConfiguration()
{
    base.ApplyConfiguration();

    Credentials.ServiceCertificate.Certificate = TestHost.CertificateFromFriendlyName(
        StoreName.My,
        StoreLocation.LocalMachine,
        "WCF Bridge - Machine certificate generated by the CertificateManager");
    Credentials.UseIdentityConfiguration = true;

    // Only the first base address is used here. No scheme preference is applied.
    var serverBasePathUri = BaseAddresses[0];
    var identity = Credentials.IdentityConfiguration;

    string audiencePath = BasePath + "/" + Address;
    identity.AudienceRestriction.AllowedAudienceUris.Add(new Uri(serverBasePathUri, audiencePath));

    // No certificate validation on the identity configuration (see remarks).
    identity.CertificateValidationMode = X509CertificateValidationMode.None;

    string stsRelativePath = FederationSTSServiceHost.BasePath + "/" + FederationSTSServiceHost.RelativePath;
    var issuerUri = new Uri(serverBasePathUri, stsRelativePath);
    identity.IssuerNameRegistry = new CustomIssuerNameRegistry(issuerUri.ToString());
}
/// <summary>
/// Configures the self-hosted security token service (STS) used by the tests: signing
/// credentials, service certificate, token service type, issuer name, token handler
/// collections for ActAs and OnBehalfOf, certificate validation, and the issuer name
/// registry. The same service certificate is then applied to the host credentials.
/// </summary>
/// <remarks>
/// Tokens are signed with the "WCF Bridge - STSMetaData" certificate from
/// LocalMachine\My. Certificate validation is set to ChainTrust, which validates a
/// certificate by building a chain to a trusted root.
/// NOTE(review): this method calls <c>base.ApplyConfiguration()</c> although it is not
/// itself an override. Confirm that callers rely on that.
/// NOTE(review): what <c>ReturnX509SubjectNameOrRSAIssuerNameRegistry</c> accepts as an
/// issuer is not visible here. Review it together with the ChainTrust setting.
/// </remarks>
protected void ConfigureService()
{
    base.ApplyConfiguration();

    var stsConfig = ServiceContract.SecurityTokenServiceConfiguration;

    // Certificate used to sign issued tokens.
    var signingCertificate = TestHost.CertificateFromFriendlyName(
        StoreName.My,
        StoreLocation.LocalMachine,
        "WCF Bridge - STSMetaData");
    stsConfig.SigningCredentials = new X509SigningCredentials(signingCertificate);

    // Certificate that identifies the service itself.
    stsConfig.ServiceCertificate = TestHost.CertificateFromFriendlyName(
        StoreName.My,
        StoreLocation.LocalMachine,
        "WCF Bridge - Machine certificate generated by the CertificateManager");

    stsConfig.SecurityTokenService = typeof(SelfHostSecurityTokenService);
    stsConfig.TokenIssuerName = "SelfHostSTS";

    // Each delegation usage gets its own freshly created default handler collection.
    var handlerManager = stsConfig.SecurityTokenHandlerCollectionManager;
    handlerManager[SecurityTokenHandlerCollectionManager.Usage.ActAs] =
        SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection();
    handlerManager[SecurityTokenHandlerCollectionManager.Usage.OnBehalfOf] =
        SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection();

    stsConfig.CertificateValidationMode = X509CertificateValidationMode.ChainTrust;
    stsConfig.IssuerNameRegistry = new ReturnX509SubjectNameOrRSAIssuerNameRegistry();

    // The host presents the certificate that the STS configuration uses.
    Credentials.ServiceCertificate.Certificate = stsConfig.ServiceCertificate;
    Credentials.UseIdentityConfiguration = true;
}
/// <summary>
/// Creates a registry whose issuer is the subject name of the LocalMachine\My
/// certificate with the friendly name "WCF Bridge - STSMetaData".
/// </summary>
/// <remarks>
/// Only the subject name string is stored in <c>_issuer</c>. The certificate is not kept.
/// NOTE(review): how <c>_issuer</c> is compared against an incoming token's issuer is not
/// visible in this constructor. A subject name is not a cryptographic identity, so that
/// comparison should be reviewed alongside certificate validation.
/// </remarks>
public CustomIssuerNameRegistry()
{
    _issuer = TestHost.CertificateFromFriendlyName(
            StoreName.My,
            StoreLocation.LocalMachine,
            "WCF Bridge - STSMetaData")
        .SubjectName
        .Name;
}