加密自定义标头-WCF-WSHttpBinding-邮件安全

Question

I have an WCF service, which is configured in WSHttpBinding , using security mode="Message" , with clientCredentialType="None" . I'm adding an custom MessageHeader using IClientMessageInspector on BeforeSendRequest and i want to also encrypt it. Is it possible?

EDIT: Currently I've added an custom asymmetic engine, which is encrypting, using certificate acquired by:

 <behaviors>
  <endpointBehaviors>
    <behavior>
      <clientCredentials>
        <serviceCertificate>
          <authentication certificateValidationMode="Custom" customCertificateValidatorType="CustomCertificateValidator.CustomCertificateValidator, CustomCertificateValidator"/>
        </serviceCertificate>
      </clientCredentials>
    </behavior>
  </endpointBehaviors>
</behaviors>

and decrypting (certificate on server found by thumbprint) specific values, just before writing/reading them to/from header. Is it a good way to do it? Can it be done better?

Answer 1

This could be completed by specifying a service certificate. By default, the message security is implemented by using Windows credential.

WSHttpBinding binding = new WSHttpBinding();
            binding.Security.Mode = SecurityMode.Message;
            binding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;

So just we need to do is specify a service certificate for encrypting and signing.

using (ServiceHost sh = new ServiceHost(typeof(MyService)))
{
    sh.Credentials.ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByThumbprint, "cbc81f77ed01a9784a12483030ccd497f01be71c");

    sh.Open();
    Console.WriteLine("Service is ready....");

    Console.ReadLine();
    sh.Close();
}

Result.
Feel free to let me know if there is anything I can help with.