WCF custom certificate validator not invoked in BIG-IP environment

Question

My WCF service with a custom client certificate validator works fine in my non load balanced environment.

When first deployed to BIG-IP environment there was a problem with it stripping SSL information and ending up sending only http information to the service, which did not work at all.

But after this was solved with some BIG-IP settings i now experience that the service completely ignores the custom certificate validator and lets any client certificate through. The log shows that the Validate method of my custom X509CertificateValidator is never called as it is in the non load balanced environment.

I do not know where to start... I suppose it is still a load balancer issue.

score 1 · Answer 1 · answered Oct 02 '12 at 19:55

The answer is apparently to subclass HttpBindingTransportElement and make it lie when asked whether it supports SSL. WCF will then accept non-Windows creds, e.g. client certs. I haven't tried this yet, but these posts seem pretty authoritative.

Example 1 of approach

Example 2 of approach

WCF custom certificate validator not invoked in BIG-IP environment

1 Answers1