証明書ストアにインストールされているサーバー証明書を使って、WCF で TLS over TCP を構成するサンプル。

using System;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;

namespace WcfCertStoreSample
{
    class Program
    {
        static void Main(string[] args)
        {
            if (args.Length == 0)
            {
                Console.WriteLine($"使い方: WcfCertStoreSample.exe <thumbprint>");
                return;
            }

            var thumbprint = args[0];

            using (ServiceHost host = new ServiceHost(typeof(GreetingService)))
            {
                try
                {
                    // サーバー証明書を設定
                    host.Credentials.ServiceCertificate.SetCertificate(
                        storeLocation: StoreLocation.CurrentUser,
                        storeName: StoreName.My,
                        findType: X509FindType.FindByThumbprint,
                        findValue: thumbprint);

                    // セキュリティモードをTransportで設定
                    var binding = new NetTcpBinding();
                    binding.Security.Mode = SecurityMode.Transport;
                    binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.None;
                    binding.Security.Transport.ProtectionLevel = System.Net.Security.ProtectionLevel.EncryptAndSign;

                    // サービスホストにエンドポイントを追加
                    host.AddServiceEndpoint(
                        implementedContract: typeof(IGreetingService),
                        binding: binding,
                        address: new Uri($"net.tcp://localhost:8081/{nameof(IGreetingService)}"));

                    // サービスの開始
                    host.Open();

                    Console.WriteLine("サービス開始");
                    Console.WriteLine("Enterキーを押して終了");
                    Console.ReadLine();

                    // サービスの停止
                    host.Close();
                }
                catch (Exception ex)
                {
                    Console.WriteLine("エラー発生: " + ex.Message);
                    host.Abort();
                }
            }
        }
    }

    [ServiceContract]
    public interface IGreetingService
    {
        [OperationContract]
        string Hello(string name);
    }

    [ServiceBehavior(IncludeExceptionDetailInFaults = true)]
    public class GreetingService : IGreetingService
    {
        public string Hello(string name)
        {
            return $"Hello, {name}!";
        }
    }
}

クライアント側のサンプル。

using System;
using System.Net;
using System.ServiceModel;

namespace WcfCertStoreSample
{
    [ServiceContract]
    public interface IGreetingService
    {
        [OperationContract]
        string Hello(string name);
    }

    internal class Program
    {
        static void Main(string[] args)
        {
            if (args.Length == 0)
            {
                Console.WriteLine($"使い方: WcfCertStoreSample.Client.exe <dnsName>");
                return;
            }
            var dnsName = args[0];

            var binding = new NetTcpBinding();
            binding.Security.Mode = SecurityMode.Transport;
            binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.None;
            binding.Security.Transport.ProtectionLevel = System.Net.Security.ProtectionLevel.EncryptAndSign;

            var factory = new ChannelFactory<IGreetingService>(binding: binding);
            var channel = factory.CreateChannel(
                new EndpointAddress(
                    new Uri($"net.tcp://localhost:8081/{nameof(IGreetingService)}"),
                    EndpointIdentity.CreateDnsIdentity(dnsName)));
            var result = channel.Hello("Take");
            ((IClientChannel)channel).Close();
            factory.Close();

            Console.WriteLine(result);
            Console.WriteLine("Enter で終了");
            Console.ReadLine();
        }
    }
}