I would like to secure my REST service implemented over the Service Stack, by means of X509 certificates? I will be hosting my service in a .NET application.
I can build the service and it seems to work fine.
Any working example using certificates would be highly appreciated.
I've been following these two examples:
http://pfelix.wordpress.com/2012/02/26/enabling-https-with-self-hosted-asp-net-web-api/
http://blogs.msdn.com/b/jpsanders/archive/2009/09/29/walkthrough-using-httplistener-as-an-ssl-simple-server.aspx
From the two blogs I did the following:
Obtained a cert and installed in the Local Computer > Personal > Certificates
Set my Endpoint address to be: https://*:443/
Ran the commands from the blogs:
netsh http add urlacl url=https://+:443/ user=XXX
I later found that this didn't work and this did
Then linked the certificate:
This failed with a Fatal Error - 1312, this link explains the cause of the problem. The resolution was fairly easy for our network guy, but beyond my understanding of certs.
Once the correct cert was installed, the netsh command ran without a problem and I was up and running with SSL.