Configure WCF and WF for Server, Site, Application, or Virtual Directory: Security Tab
Use the Security tab in the Configure Server, Configure Site, Configure Application, or Configure Directory dialog box to configure the default service certificate for a server, site, application, or virtual directory level.
Dialog Fields
Field |
Description |
Use Certificate |
Select this check box to enable a certificate to be used at the specific level. If this box is not checked, all the remaining controls in the Security dialog box are disabled. Warning If a certificate has been configured at a higher scope, and the Use Certificate checkbox is unchecked at a lower scope, the following warning will appear: Any updates made on this tab may result in the loss of existing service credential configuration defined at a higher scope and currently inherited. This is because only a subset of the behavior is affected by the Windows Server AppFabric tooling. This means that any existing configuration settings outside of that subset will simply be lost. |
Store location |
Select the location of the certificate store to be one of these values.
|
Store name |
Select the name of the certificate store to be one of these values.
|
Browse |
Allows you browse through certificates taken from the Local Machine and Personal certificate store by default. Click on View to display the standard default Windows Certificate dialog box. This allows you to view certificate information, details, and certification path. The View button is disabled in remote scenarios. |
Query/Find certificate by: |
If you choose not to Browse for a certificate, you can search through the local certificate stores using the following predefined items of search criteria. Click on the down arrow to display the list of existing search parameters for you to use in your search.
|
Query/Find value: |
Works in conjunction with the Query/Find certificate by selection to assign an actual value to the search parameter you selected in the Query/Find certificate by listbox. |
Run |
If you click on the Run button, it will run the search query combining the search parameter (Query/Find certificate by) and the actual search value (Query/Find value). This button is disabled in remote scenarios. The results of the search are the list of certificates matching the query displayed in the standard NET certificate viewer. Click on View to display the standard default NET Certificate dialog box. |
Related Configurations
The fields in the Security tab correspond to the serviceCertificate element. If the Use certificate option is checked, the <serviceCredentials><serviceCertificate/></serviceCredentials> element is added to the default behavior in the configuration file. This makes it visible to services below the selected level.
In the following sample application configuration, the certificate identified by a value "12519AE9CD777A560184F1FBD54215222E95E71F" is used as the search value for FindByThumbprint by the serviceCertificate element. This certificate will be used for any endpoints exposed by any services that are part of this application.
<serviceCredentials>
<serviceCertificate findValue="12519AE9CD777A560184F1FBD54215222E95E71F" storeLocation="LocalMachine" storeName="CertificateAuthority" x509FindType="FindByThumbprint" />
</serviceCredentials>