Dear All!

I would like to implement a server - client software with the following security requirements:

• WCF-Services need to be secured with SSL and Certificates for both, the server and the client

• Client certificates need to be generated programmatically upon user registration

• Client-certificates are deployed via a an automatically generated installer-package

• Altough the client-certificates are self-signed (no authorized CA for the generation server) the end-user must not add the server-certificate to the trusted certificates in the local Certificate Store

My problems: I cannot find any information regarding establishing such a two-way ssl-security for wcf, while the server-certificate is not signed by an authorized CA and instead is created programmatically with "makecert"...

My question: Is it technically possible to implement this requirements? If yes - could you provide some hints how to get started?

Thank you!