...

Code Block
  <behaviors>
    <serviceBehaviors>
      
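      <!-- HTTPS service behavior: custom authorization policy, service certificate selected by thumbprint, metadata publishing switched off. -->
      <behavior name="HttpsBehaviour">
        <!-- The object-graph limit is Int32.MaxValue, i.e. effectively unbounded. A limit sized to the largest legitimate payload bounds the work a single request can force on deserialization. -->
        <dataContractSerializer maxItemsInObjectGraph="2147483647" />
        <!-- principalPermissionMode="Custom": the principal used for authorization checks is expected to be supplied by the policy type registered below. -->
        <serviceAuthorization principalPermissionMode="Custom">
          <authorizationPolicies>
            <add policyType="Kodi.Kodiak.Security.AuthorizationPolicy, Kodi.Kodiak.Security" />
          </authorizationPolicies>
        </serviceAuthorization>
        <serviceCredentials>
          <!-- A thumbprint identifies one specific certificate in LocalMachine\My; the value has to be replaced each time the certificate is renewed. -->
          <serviceCertificate storeLocation="LocalMachine" storeName="My" x509FindType="FindByThumbprint" findValue="991ab4fb6080ce11d64ba60bea79f4f81a014bb0"/>
        </serviceCredentials>
        <!-- Kept false so that exception messages and stack traces are not returned to callers inside SOAP faults. Switch to true only temporarily while debugging; the sibling ServiceBehaviorBasicHttps behavior also uses false. -->
        <serviceDebug includeExceptionDetailInFaults="false" />
        <!-- Metadata (WSDL) publishing is disabled over both HTTP and HTTPS. -->
        <serviceMetadata httpGetEnabled="false" httpsGetEnabled="false" />
      </behavior>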
      
      <!-- Basic HTTPS behavior: no custom authorization or service certificate is configured here, only metadata, debug and serializer settings. -->
      <behavior name="ServiceBehaviorBasicHttps">
        <!-- Metadata (WSDL) is published over HTTPS only. NOTE(review): this lets anyone who can reach the endpoint read the service contract; confirm that runtime discovery is actually needed. -->
        <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/>
        <!-- Exception details are not included in faults returned to callers. -->
        <serviceDebug includeExceptionDetailInFaults="false" />
        <!-- The object-graph limit is one below Int32.MaxValue, i.e. effectively unbounded. NOTE(review): a limit sized to real payloads would bound deserialization cost. -->
        <dataContractSerializer maxItemsInObjectGraph="2147483646" />
      </behavior>      
      

Finding Certificates in the behavior.

The x509FindType attribute selects the method used to find the certificate. Below are examples for subject name and thumbprint. A thumbprint changes whenever the certificate is renewed, so the configured value has to be updated at each renewal. FindBySubjectName should be more resilient to such changes.

FindByThumbprint

<!-- Thumbprint lookup in the LocalMachine\My store: identifies one specific certificate, so findValue must be replaced when the certificate is renewed. -->
<serviceCertificate storeLocation="LocalMachine" storeName="My" x509FindType="FindByThumbprint" findValue="991ab4fb6080ce11d64ba60bea79f4f81a014bb0"/>

FindBySubjectName

<!-- Subject-name lookup in the LocalMachine\My store: survives renewal as long as the subject stays the same. FindBySubjectName is a case-insensitive substring match, so it can match more than one certificate in the store (for example old and renewed certificates side by side, or a longer host name containing this value). Make sure the search resolves to a single certificate; X509FindType.FindBySubjectDistinguishedName is the more specific alternative. -->
<serviceCertificate storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" findValue="kodiak-staging.kodi.internal"/>

Binding

Code Block
<wsHttpBinding>
    <!-- WS-HTTP binding over HTTPS. maxReceivedMessageSize and maxBufferPoolSize are one below Int32.MaxValue, so the size of an incoming message is effectively uncapped. NOTE(review): size these to the largest legitimate message. -->
    <binding name="WSHttpsBinding" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false" maxBufferPoolSize="2147483646" maxReceivedMessageSize="2147483646">
      <!-- Every reader quota is raised to one below Int32.MaxValue, which removes the XML reader's limits on nesting depth, string length, array length and name-table size. NOTE(review): these quotas exist to bound the memory and CPU one message can consume; values sized to real payloads keep that protection. -->
      <readerQuotas maxDepth="2147483646" maxStringContentLength="2147483646" maxArrayLength="2147483646" maxBytesPerRead="2147483646" maxNameTableCharCount="2147483646" />
      <!-- Reliable sessions are configured but disabled (enabled="false"). -->
      <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />
      <!-- Transport security: protection of the message comes from HTTPS; the client authenticates with Windows credentials. -->
      <security mode="Transport">
        <transport clientCredentialType="Windows" />
      </security>
    </binding>
</wsHttpBinding>

  <webHttpBinding>
    <!-- Web (REST-style) HTTP binding over HTTPS. No size limits or quotas are set here, so the binding's defaults apply. -->
    <binding name="WebHttpsBinding">
      <!-- Transport security: protection of the message comes from HTTPS; the client authenticates with Windows credentials. -->
      <security mode="Transport">
        <transport clientCredentialType="Windows" />
      </security>
    </binding>
  </webHttpBinding>

...