If interoperability with other platforms is a requirement WS-Atomic Transaction must be used. It requires all the steps for DTC setup in previous blog entry Configuring the DTC for WCF for OleTx, but also a couple of additional ones.
WS-Atomic Transaction requires a certificate to establishing Mutual Trust between the parties in a transaction. If a certificate issued by a trusted 3rd party is not available, it is possible to issue one for test purposes by running the below statement in the Visual Studio 2005 Command Prompt. It generates and installs a certificate in the LocalMachineMY store.
MakeCert -sr LocalMachine -pe -n “CN=mytestcertificate.com” -ss My -sky exchange -sp “Microsoft RSA SChannel Cryptographic Provider” -sy 12
To enable a graphical interface for the WS-AtomicTransaction Configuration Utility (wsatConfig.exe) register the WsatUI.dll by running the following command in the Visual Studio 2005 Command Prompt
regasm /codebase %PROGRAMFILES%Microsoft SDKsWindowsv6.0BinWsatUI.dll
Now open the DTC configuration again by the following steps:
Administrative Tools Component Services Computer My Computer.
- Right-click on My Computer and chose Properties – notice a WS-AT tab is now available – select it.
- Check Enable WS-Atomic Transaction network support
- Select the certificate under Endpoint certificate
Now everything is ready to make use of WS-Atomic Transaction in WCF as long as the client and service are on the same machine.
If the client and service are located on different machines, each machine needs a certificate and any machine participating in a transaction must be explicitly authorized by establishing trust with the counterpart’s certificate.
Establishing trust and authorizing trust. These steps have to be performed on all parties.
- Export the public key
- Add the public key certificate to the counterpart’s LocalMachineMY and LocalMachineROOT stores.
- Authorize the counterpart’s certificate in the WS-AT tab.
It seems like a daunting task, but it is worth it. I can’t figure out how I ever got by with old-style ASMX web services without transactional support.