selfhost でホストされている WCF サービスを取得し、TCP 経由で winform クライアントと通信します。これは、証明書 (イントラネットのトランスポート) を設定するための正しい方法ですか? 通信が確実に暗号化されていることを確認するにはどうすればよいですか?
サービス
<behavior name="MyAppClientService.Certificate_Behavior">
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceMetadata httpGetEnabled="true"/>
<customBehaviorExtension_ClientService/>
<serviceThrottling maxConcurrentCalls="2000" maxConcurrentSessions="2147483647" maxConcurrentInstances="2000"/>
<serviceCredentials>
<clientCertificate>
<authentication certificateValidationMode="PeerTrust"/>
</clientCertificate>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="MyApp.ServiceImplementation.CustomUsernamePasswordValidator, MyApp.ServiceImplementation"/>
<serviceCertificate findValue="MyAppServer"
storeLocation="CurrentUser"
storeName="TrustedPeople"
x509FindType="FindBySubjectName" />
</serviceCredentials>
<serviceAuthorization principalPermissionMode="Custom" serviceAuthorizationManagerType="MyApp.ServiceImplementation.CustomServiceAuthorizationManager, MyApp.ServiceImplementation">
<authorizationPolicies>
<add policyType="MyApp.ServiceImplementation.CustomAuthorizationPolicy_ClientService, MyApp.ServiceImplementation"/>
</authorizationPolicies>
</serviceAuthorization>
</behavior>
<services>
<service behaviorConfiguration="MyAppClientService.Certificate_Behavior" name="MyApp.ServiceImplementation.MyAppClientService">
<endpoint binding="netTcpBinding" bindingConfiguration="netTcpCertificate" behaviorConfiguration="protoEndpointBehavior" bindingNamespace="http://MyApp.ServiceContracts/2007/11" contract="MyApp.ServiceContracts.IMyAppClientService" address="Sll"/>
<!-- No need for MEX for this service -->
<!--<endpoint address="httpMex" binding="mexHttpBinding" contract="IMetadataExchange"/>-->
<!--<endpoint address="tcpMex" binding="mexTcpBinding" contract="IMetadataExchange"/>-->
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost:8035/MyApp5Service/Client/"/>
<add baseAddress="http://localhost:8002/MyApp5Service/Client"/>
</baseAddresses>
</host>
</service>
<bindings>
<netTcpBinding>
<binding name="netTcpCertificate" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="infinite" sendTimeout="01:00:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="1000" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxConnections="200" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647"/>
<reliableSession ordered="true" inactivityTimeout="infinite" enabled="false"/>
<security mode="Transport">
<transport clientCredentialType="Certificate"/>
<message clientCredentialType="Certificate"/>
</security>
</binding>
</netTcpBinding>
</bindings>
クライアント
<behaviors>
<endpointBehaviors>
<behavior name="protoCertificateEndpointBehavior">
<clientCredentials>
<clientCertificate findValue="MyAppClient" x509FindType="FindBySubjectName" storeLocation="CurrentUser" storeName="TrustedPeople"/>
<serviceCertificate>
<authentication certificateValidationMode="PeerTrust"/>
</serviceCertificate>
</clientCredentials>
<CustomMessageInspector/>
<protobuf/>
</behavior>
</endpointBehaviors>
</behaviors>
<client>
<endpoint address="net.tcp://localhost:8035/MyApp5Service/Client/Sll" behaviorConfiguration="protoCertificateEndpointBehavior" binding="netTcpBinding" bindingConfiguration="netTcpCertificate" contract="MyApp.ServiceContracts.IMyAppClientService" name="SelfHostProtoCert_RegularLogin">
<identity>
<dns value="MyAppServer" />
</identity>
</endpoint>
</client>
<bindings>
<netTcpBinding>
<!-- http://msdn.microsoft.com/en-us/library/ff648863.aspx -->
<binding name="netTcpCertificate" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="infinite" sendTimeout="01:00:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="1000" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxConnections="200" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647"/>
<reliableSession ordered="true" inactivityTimeout="infinite" enabled="false"/>
<security mode="Transport">
<transport clientCredentialType="Certificate"/>
<message clientCredentialType="Certificate"/>
</security>
</binding>
</netTcpBinding>
</bindings>