WCF HTTPS self hosted service Certificate Installation guide
When hosting a WCF service in IIS the whole process of upgrading it to https is really easy but for a self hosted WCF service in a windows process or in any .net application you need to manually install the server certificates for https to work.
What you need is to start visual studio command prompt and enter these 2 commands.
1. makecert.exe -sv SignRoot.pvk -cy authority -r signroot.cer -a sha1 -n “CN=AuthorityName” -ss my -sr localmachine
this call will create the root certification authority in the local machine. Now we need to actually create the server certificate.
2. makecert.exe -iv SignRoot.pvk -ic signroot.cer -cy end -pe -n CN=“localhost” -eku 22.214.171.124.126.96.36.199.1 -ss my -sr localmachine -sky exchange -sp “Microsoft RSA SChannel Cryptographic Provider” -sy 12
this call will create the actual server certificate needed for https channel to work. This certificate will work only when you host the WCF service in localhost. When you move it to another machine or make it accessible on the network you need to call again the second makecert and at CN enter the ip of the machine.
We have the certificate in place now but we need to map it to a custom port if you wish or the default 443 port.
Use httpConfig (GIYF) and go to SSL and if in the list your address:port is not present go to Add and fill up the desired IP, port the Guid of the WCF App (found in AssemblyInfo.cs) and click browse to find the certificate created before. Then click OK, Apply and you can use the WCF service through a secure https service.
If you have any questions regarding hosting the WCF Service just give me a shout
Some browsers won’t allow access to a service if the expiry date is more than 2 years. That’s why in the second makecert call you can also specify the expiry date: -e dd/mm/yyyy