I have a WCF service with Message Security Authentication.
I want to set up a routing service for Load Balancing.
For some reason it doesn't work, I've enabled includeExceptionDetailInFaults to see exceptions, so in the client I see:
The client certificate is not provided. Specify a client certificate in ClientCredentials.
It seems that the certificate isn't forwarded from router->service.
Currently the client/router/service is on the same machine, so I have all the certificates, but if I deploy them on a different machine will the Router have to have the private keys?
In addition, if I want to establish a non-secured connection between the router and service (offload the security), how can I provide the Identity of the caller?
EDIT : For all Client/Router(both server&client)/Server the security configured the same :
<security mode="Message">
<message clientCredentialType="Certificate" negotiateServiceCredential="false"
algorithmSuite="Default" establishSecurityContext="false" />
</security>
This blog post explains that Microsoft didn't support this scenarion-
http://blogs.microsoft.co.il/blogs/applisec/archive/2011/12/12/wcf-routing-and-message-security.aspx