1. <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  2.                                              WCF
  3. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
  4. <system.serviceModel>
  5.  
  6.   <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
  7.  
  8.   <protocolMapping>
  9.     <add scheme="http" binding="wsHttpBinding" />
  10.   </protocolMapping>
  11.  
  12.   <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  13.        Behaviors
  14.  - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
  15.   <behaviors>
  16.     <serviceBehaviors>
  17.  
  18.       <!-- Behavior for the service with certificate-based authentication -->
  19.       <behavior name="SecureFooBehavior">
  20.  
  21.         <!--
  22.          To avoid disclosing metadata information, set the value below to false and
  23.          remove the metadata endpoint above before deployment
  24.        -->
  25.         <serviceMetadata httpGetEnabled="true" />
  26.  
  27.         <!--
  28.          To receive exception details in faults for debugging purposes, set the value
  29.          below to true. Set to false before deployment to avoid disclosing
  30.          exception information
  31.        -->
  32.         <serviceDebug includeExceptionDetailInFaults="true" />
  33.  
  34.         <!--
  35.          Specifies the credential to be used in authenticating the service and
  36.          the client credential validation-related settings.
  37.        -->
  38.         <serviceCredentials>
  39.  
  40.           <!--
  41.            Specifies an X.509 certificate that will be used to authenticate
  42.            the service to clients using Message security mode.
  43.          -->
  44.           <serviceCertificate
  45.            storeLocation="LocalMachine"
  46.            storeName="My"
  47.            x509FindType="FindByThumbprint"
  48.            findValue="01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 10 11 12 13 14"
  49.          />
  50.  
  51.           <!--
  52.            Specifies the certificate to be used when the client certificate is
  53.            available out-of-band. This element also specifies client certificate
  54.            validation settings.
  55.          -->
  56.           <clientCertificate>
  57.             <authentication certificateValidationMode="None" />
  58.             <!-- PeerOrChainTrust -->
  59.           </clientCertificate>
  60.  
  61.         </serviceCredentials>
  62.  
  63.       </behavior>
  64.     </serviceBehaviors>
  65.   </behaviors>
  66.  
  67.   <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  68.        Bindings
  69.  - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
  70.   <bindings>
  71.     <wsHttpBinding>
  72.       <binding name="FooBinding">
  73.         <security>
  74.           <message clientCredentialType="Certificate" />
  75.         </security>
  76.       </binding>
  77.     </wsHttpBinding>
  78.   </bindings>
  79.  
  80.   <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  81.        Services
  82.  - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
  83.   <services>
  84.     <service
  85.      name="Company.Foo.Service.FooService"
  86.      behaviorConfiguration="SecureFooBehavior"
  87.    >
  88.  
  89.       <!--
  90.        This endpoint is exposed at the base address provided by host
  91.      -->
  92.       <endpoint
  93.        contract="Company.Foo.Service.IFooService"
  94.        binding="wsHttpBinding"
  95.        bindingConfiguration="FooBinding"
  96.      />
  97.  
  98.       <!--
  99.        The Metadata Exchange (mex) endpoint is used to query informations about
  100.        the services classes, structures and methods. Without this, Visual Studio
  101.        can not auto-discover the interface exposed by a web service.
  102.      -->
  103.       <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
  104.  
  105.     </service>
  106.   </services>
  107.  
  108. </system.serviceModel>
  109.