When a service in .NET 4.5 has WIF enabled via the useIdentityConfiguration attribute, we are not able to use the netTcpBinding for this service, due to the following issue.
The service, via WCF, returns the WIF encryption certificate name as the DNS identity, and thus net.tcp gets a message security exception because it was expecting the identity to match the SSL certificate used on the site.
We have tried specifically setting the identity element on the service's net.tcp endpoint to return a value, but not only does this not work, I wouldn't have expected it to.
In .NET 4.0, there was a hack that allowed you to wrap all of the configure-service-host code and, after initialization, re-set the service certificate. This is a poor hack, and it doesn't work anymore anyway.
Without having the client code be aware of the encryption certificate, which it shouldn't have to be, are there any other tricks to making net.tcp work with a federated (WIF-enabled) service?