SoCreate / service-fabric-distributed-cache

MIT License

Support configure FabricTransportRemotingListenerSettings for authentication #28

Closed qinxgit closed 2 years ago

qinxgit commented 2 years ago

Can support be added to allow changing the settings of FabricTransportRemotingListenerSettings when the cache service is starting up, so that the SecurityCredentials of this setting can be set accordingly for authenticated communication between the cache client and the cache service?

This is pretty important for serious applications, to prevent unwanted clients from talking to the cache service.

JustinCouto commented 2 years ago

Hi @qinxgit

This is something we would be happy to take a pull request for. We are not currently adding features to this project as its current state is doing what we need it to. If you need this in your project, please submit a pull request.

qinxgit commented 2 years ago

@JustinCouto

Thanks. Fortunately, I found out that no code change is needed. Just putting this into both the client and service side's Config/Settings.xml file will enable certificate-based authentication. It will be parsed by the runtime in the backend.

<Section Name="TransportSettings">
    <Parameter Name="SecurityCredentialsType" Value="X509" />
    <Parameter Name="CertificateFindType" Value="FindBySubjectName" />
    <Parameter Name="CertificateFindValue" Value="test.company.com" />
    <Parameter Name="CertificateStoreLocation" Value="LocalMachine" />
    <Parameter Name="CertificateStoreName" Value="My" />
    <Parameter Name="CertificateProtectionLevel" Value="EncryptAndSign" />
    <Parameter Name="CertificateRemoteCommonNames" Value="test.company.com" />
</Section>

JustinCouto commented 2 years ago

Great!
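
A pre-deployment check for the TransportSettings section posted above, as an added example that is not part of the thread or the project: it parses a Settings.xml and reports when the section is missing or differs from the posted values. The function names, the wrapping `Settings` root in the sample, and the choice of the posted values as the required baseline are assumptions of this example.

```python
import xml.etree.ElementTree as ET

# Baseline taken from the section posted in the thread (this example's assumption).
REQUIRED = {"SecurityCredentialsType": "X509",
            "CertificateProtectionLevel": "EncryptAndSign"}
NON_EMPTY = ("CertificateFindType", "CertificateFindValue", "CertificateStoreLocation",
             "CertificateStoreName", "CertificateRemoteCommonNames")

# Constructed sample: the thread's section wrapped in a Settings.xml root element.
SAMPLE = """<Settings xmlns="http://schemas.microsoft.com/2011/01/fabric">
  <Section Name="TransportSettings">
    <Parameter Name="SecurityCredentialsType" Value="X509" />
    <Parameter Name="CertificateFindType" Value="FindBySubjectName" />
    <Parameter Name="CertificateFindValue" Value="test.company.com" />
    <Parameter Name="CertificateStoreLocation" Value="LocalMachine" />
    <Parameter Name="CertificateStoreName" Value="My" />
    <Parameter Name="CertificateProtectionLevel" Value="EncryptAndSign" />
    <Parameter Name="CertificateRemoteCommonNames" Value="test.company.com" />
  </Section>
</Settings>"""

def local(tag):
    return tag.rsplit("}", 1)[-1]  # drop the XML namespace prefix, if any

def audit_transport_settings(xml_text, section="TransportSettings"):
    """Return findings for one Settings.xml; an empty list means it matches."""
    params = None
    for el in ET.fromstring(xml_text).iter():
        if local(el.tag) == "Section" and el.get("Name") == section:
            params = {p.get("Name"): (p.get("Value") or "").strip()
                      for p in el if local(p.tag) == "Parameter"}
            break
    if params is None:
        return [f"section {section!r} is missing"]
    findings = [f"{name} is {params.get(name) or 'unset'!r}, expected {want!r}"
                for name, want in REQUIRED.items() if params.get(name) != want]
    findings += [f"{name} is missing or empty"
                 for name in NON_EMPTY if not params.get(name)]
    return findings

if __name__ == "__main__":
    weak = SAMPLE.replace('"EncryptAndSign"', '"None"')  # constructed weak variant
    for label, text in (("as posted", SAMPLE), ("weakened", weak)):
        print(label, audit_transport_settings(text) or "OK")
```

Since the comment above says the section goes into both the client and the service side's Config/Settings.xml, the check is meant to be run against each of the two files.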