 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / ASP.NET / Web Services / April 2006WSE3.0 with X.509 Certificate authentication
Hi, I am trying to implement web services with WSE3.0 and X.509 Certificate authentication. I have gone through WSE quick start examples. Looks very impressive. I have couple of questions on X.509 certificates. In WSE 3.0 Quick start example Message layer X.509 example, We are using X.509 certificate for client side application with CN="WSE2QuickStartClient". We have 50 clients installed on different machines. Do we need to create 50 - X.509 certificates with CN="WSE2QuickStartClient from same CA's. Or only one Client X.509 Certificate we can distribute to all the 50 clients. if we go with X.509 certificate authentication, is other platforms like delphi, java are compatible right? If we give X.509 Service certificate public key they can talk to our web services right. Even they have to get client side X.509 certificate from CA's with same CN="" mentioned in Services policy. Each client X.509 certificates manually need to be installed before talking to web services. Thank you! Suresh Hi Suresh, 1. Do we need to create 50 - X.509 certificates with CN="WSE2QuickStartClient from same CA's. Or only one Client X.509 Certificate we can distribute to all the 50 clients ? If you want to identify to each client in a different way, for example, Client1, Client2, Client3, etc, you will have to install a different certificate for each one. If you do not care about that, and it is possible for you to treat the clients in the same way, you can install one certificate for all of them. Another approach is to use a UsernameOverCertificateAssertion. In that case, you only need to distribute the public key of your service certificate, and you can still distinguish each user 2. if we go with X.509 certificate authentication, is other platforms like delphi, java are compatible right? Yes, it is compatible. 3. If we give X.509 Service certificate public key they can talk to our web services right Yes, that is correct 4. Each client X.509 certificates manually need to be installed before talking to web services. Yes, that is correct. Regards, Pablo Cibraro http://weblogs.asp.net/cibrax > Hi, > I am trying to implement web services with WSE3.0 and X.509 [quoted text clipped - 21 lines] > Thank you! > Suresh Hi Pablo Cibraro, Thanks for your quick response. 1. Is UsernameOverCertificateAssertion works with cross platforms like java, Delphi..? 2. Which one is recommended for cross platforms Webservices X.509 authentication or UsernameOverCertificateAssertion? 3. Is it possible to talk from .NET 1.1 applications without WSE to talk to Webservices which are implemented by WSE 3.0. Thank you! Suresh 1. Yes, it is completely recommended to work with cross platforms. 2. Both are the same. 3. if the Web Services are secure, you will have to create your own framework to apply message security to the messages. WSE 2.0 runs on .NET 1.1 but it is not compatible with WSE 3.0. I recommend you to take a look to this project in GDN, it is about interoperability between different vendors such as Microsoft, IBM, Novel, SAP; etc. http://practices.gotdotnet.com/projects/wsibsp Regards, Pablo. > Hi Pablo Cibraro, > Thanks for your quick response. [quoted text clipped - 9 lines] > Thank you! > Suresh Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.