Configure Service: Security Tab
Use the Security tab in the Configure Service dialog box to configure a service certificate for a service. This can be done in this dialog box either by browsing or querying certificate stores.
Dialog Fields
Field |
Description |
Use Certificate |
Select this check box to enable a certificate to be used at the service level. If this box is not checked, all the remaining controls in the Security dialog box are disabled. Warning If a certificate has been configured at a higher scope, and the Use Certificate checkbox is unchecked at a lower scope, the following warning will appear: Any updates made on this tab may result in the loss of existing service credential configuration defined at a higher scope and currently inherited. This is because only a subset of the behavior is affected by the Windows Server AppFabric tooling. This means that any existing configuration settings outside of that subset will simply be lost. |
Store location |
Select the location of the certificate store to be one of these values.
|
Store name |
Select the name of the certificate store to be one of these values.
|
Browse |
Allows you to browse through certificates taken from the Local Machine and Personal certificate store by default. Browsing for a certificate through the Browse button always configures the service's certificate by thumbprint. Click on View to display the standard default NET Certificate dialog box. This allows you to view certificate information, details, and certification path. The View button is disabled in remote scenarios. |
Query/Find certificate by: |
If you choose not to Browse for a certificate, you can search through the local certificate stores using the following predefined items of search criteria. Click on the down arrow to display the list of existing search parameters for you to use in your search.
|
Query/Find value: |
Works in conjunction with the Query/Find certificate by selection to assign an actual value to the search parameter you selected in the Query/Find certificate by listbox. |
Run |
If you click on the Run button, it will run the search query combining the search parameter (Query/Find certificate by) and the actual search value (Query/Find value). This button is disabled in remote scenarios. The results of the search are the list of certificates matching the query displayed in the standard NET certificate viewer. Click on View to display the standard default NET Certificate dialog box. |
Related Configurations
The fields in the Security tab correspond to the serviceCertificate element. If the Use certificate option is checked, the <serviceCredentials><serviceCertificate/></serviceCredentials> element is added to the service element associated with the service in the configuration file.
In the following sample configuration, the certificate named Costoso.com is used as the search value for FindBySubjectName by the serviceCertificate element in the behavior element associated with the service s1. This certificate will be used for any endpoints exposed by this service.
<system.serviceModel>
<services>
<service name="s1" behaviorConfiguration="s1Behavior"/>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="s1Behavior">
<serviceCredentials>
<serviceCertificate findValue="Contoso.com"
x509FindType="FindBySubjectName" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>