<msmqTransportSecurity>
Specifies MSMQ transport security settings for a custom binding.
<configuration>
<system.serviceModel>
<bindings>
<customBinding>
<binding>
<msmqIntegration>
<msmqTransportSecurity>
Syntax
<msmqTransportSecurity msmqAuthenticationMode="None/Windows/Certificate"
msmqEncryptionAlgorithm="RC4Stream/AES"
msmqProtectionLevel="None/Sign/EncryptAndSign"
msmqSecureHashAlgorithm="MD5/SHA1/SHA256/SHA512" />
</msmqTransportSecurity>
Attributes and Elements
The following sections describe attributes, child elements, and parent elements.
Attributes
| Attribute | Description |
|---|---|
msmqAuthenticationMode |
Specifies how the message must be authenticated by the MSMQ transport. If this is set to None, the value of the msmqProtectionLevel attribute must also be set to None.Valid values include the following: - None: No authentication. - Windows: The authentication mechanism uses Active Directory to get the X.509 certificate for the SID associated with the message. This is then used to check the ACL of the queue to ensure the user has permission to write to the queue. - Certificate: The channel gets the certificate from the certificate store. The default value is Windows. This attribute is of type MsmqAuthenticationMode. |
msmqEncryptionAlgorithm |
Specifies the algorithm to be used for message encryption on the wire when transferring messages between message queue managers. Valid values include the following: - RC4Stream - AES The default value is RC4Stream. This attribute is of type MsmqEncryptionAlgorithm. |
msmqProtectionLevel |
Specifies how the message is secured at the level of the MSMQ transport. Encryption ensures message integrity while EncryptAndSign ensures both message integrity and non-repudiation; that is, the message indeed comes from the sender and the sender is who they say they are. Valid values include the following: - None: No protection. - Sign: Messages are signed. - EncryptAndSign: Messages are encrypted and signed. The default value is Sign. This attribute is of type ProtectionLevel. |
msmqSecureHashAlgorithm |
Specifies the algorithm to be used in computing the digest as part of signatures. Valid values include the following: - MD5 - SHA1 - SHA256 - SHA512 The default value is SHA1. This attribute is of type MsmqSecureHashAlgorithm. Due to collision problems with MD5 and SHA1, Microsoft recommends SHA256 or better. |
Child Elements
None.
Parent Elements
| Element | Description |
|---|---|
| <msmqIntegration> | Specifies settings required for interaction with a Message Queuing (MSMQ) sender or receiver. |
| <msmqTransport> | Specifies the queuing communication properties for a Windows Communication Foundation (WCF) service that uses the native MSMQ protocol. |
Remarks
For more information on transport security, see Transport Security.
See also
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
