Hi,

I'm trying to get up to speed with WSE 3 as I have a project that secured
web services would help a great deal with, but have reached a frustrating
point in the configuration.  I might be asking what appears to be a dumb set
of questions.  Apologies in advance!

I'm looking to use usernameForCertificateAssertion, which I understand
should allow me to use a server certificate to secure the messages, while
using a simple login process so far as the user is concerned (I already have
a SQL DB of user accounts that I want to continue using).

I have a server certificate on our web server that is used for SSL.

What I have not yet found out (or correctly understood) is:-

Can I use the same existing server certificate (currently just enabling SSL)
to also enable the WSE certificate security?

If I can use that same certificate in this way, how do I get my development
PC to use that certificate?

Do I need a different type of certificate?  If so, what type should I be
looking at?

Documentation on this aspect seems a bit sparse, and the WSE wizard only
allows access to local machine certificate store - there's no browse, etc
for specifying the actual server/certificate it will be using in production.

Can anyone point me in the direction of a web site/how-to/_decent_ book that
describes in sufficient step-by-step detail the actual steps required to use
this approach (so my noddy-level brain can keep up!).

I have the PDF and printed version of the P&P WSE 3.0 scenarios and
implementation guidance - but it doesn't seem to say anything more than "it
can do it".  No detail on HOW to do it (assumptions made by the writers that
a given environment already exists, perhaps?).  The PDF and book are just
the MSDN articles stuck together in one document.

Thanks muchly for any decent advice.

Al