I have a WCF service that is hosted in a windows application. The service uses netMsmqBinding. The client and the host are in different domains. My question is how do I configure the security settings?
The data that is transferred is sensitive so I would like to secure the communication between the client and the host of the service. The only problems is that I don't know how to do it… (I don't want to use certificates)
Any help would be appreciated!
James Schek: It works perfectly when I run it without security (no matter where is the MSMQ). In my case the MSMQ is hosted on the server and if it is down – then the client's messages stay in its outgoing queue and when the MSMQ is up and running again all messages are sent – this is the power of MSMQ and is the expected behavior (that is why all messages sent over MSMQ must be OneWay, because we don't know when the server or the client are online – we just want the messages delivered).
One of the administrators in our organization asked me if there is other way (instead of certificates) – that is why I am asking (he wants to know all possible ways of securing in this scenario).
I am in work group mode and not in domain mode! So I am not able to use Domain…and there is not AD at all.
MSMQ is generally not suitable for use over the Internet (if that is what you plan to do). Otherwise I don't think you can avoid certificates if you want message-level security.