c# - WCF certificate authentication
While implementing WCF security using a certificate, I am facing the error mentioned below.
Secure channel cannot be opened because security negotiation with the remote endpoint has failed. This may be due to absent or incorrectly specified EndpointIdentity in the EndpointAddress used to create the channel.
I have put the certificates in Trusted People.
It looks like an identity problem. I have tried setting the identity in both the service and client config, but it still didn't work.
Below are the configuration details.
Service configuration

<bindings>
  <wsHttpBinding>
    <binding name="wshttp">
      <security mode="Message">
        <message clientCredentialType="Certificate" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
<service name="wcfcertificateauth.service1">
  <endpoint address="" binding="wsHttpBinding" bindingConfiguration="" bindingName="wshttp" contract="wcfcertificateauth.iservice1">
    <!--<identity>
      <dns value="wcfserver"/>
    </identity>-->
  </endpoint>
  <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
<behaviors>
  <serviceBehaviors>
    <behavior>
      <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
      <serviceDebug includeExceptionDetailInFaults="false" />
      <serviceCredentials>
        <clientCertificate>
          <authentication certificateValidationMode="PeerTrust"/>
        </clientCertificate>
        <serviceCertificate findValue="wcfserver" storeLocation="CurrentUser" storeName="TrustedPeople" x509FindType="FindBySubjectName"/>
      </serviceCredentials>
    </behavior>
  </serviceBehaviors>
</behaviors>
Client configuration

<bindings>
  <wsHttpBinding>
    <binding name="wshttp_iservice1" sendTimeout="00:05:00">
      <security mode="Message">
        <message clientCredentialType="Certificate" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
<client>
  <endpoint address="http://localhost:8733/wcfcertificateauth/service1/" binding="wsHttpBinding" bindingConfiguration="wshttp_iservice1" contract="iservice1" name="wshttp_iservice1">
    <identity>
      <dns value="wcfserver" />
    </identity>
  </endpoint>
</client>
<behaviors>
  <endpointBehaviors>
    <behavior>
      <clientCredentials>
        <serviceCertificate>
          <authentication certificateValidationMode="PeerTrust"/>
        </serviceCertificate>
        <clientCertificate findValue="wcfclient" storeLocation="CurrentUser" storeName="TrustedPeople" x509FindType="FindBySubjectName"/>
      </clientCredentials>
    </behavior>
  </endpointBehaviors>
</behaviors>
I removed the identity tag and used the full name of the machine in the address field in place of "localhost", and it is working fine. Hope this helps those getting the above-mentioned error.
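
A diagnostic for the identity question raised in this thread, added here as an example and not part of the original post: it looks up the service certificate with the same store, location and find type as the posted config and prints the DNS name each match carries, for comparison with the client's dns identity value. Treating GetNameInfo(X509NameType.DnsName, false) as the name WCF compares against is an assumption, and the class and method names are hypothetical.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;

static class EndpointIdentityCheck
{
    // Finds certificates the way the posted config does and reports whether
    // any of them carries the DNS name the client expects as endpoint identity.
    public static bool HasCertForIdentity(string findValue, string expectedDns,
                                          StoreName storeName, StoreLocation location)
    {
        var store = new X509Store(storeName, location);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // FindBySubjectName is a case-insensitive substring match on the subject,
            // so one findValue can match several certificates. validOnly is false
            // because the config uses PeerTrust rather than chain validation.
            var found = store.Certificates.Find(
                X509FindType.FindBySubjectName, findValue, false);
            if (found.Count != 1)
                Console.WriteLine("warning: {0} certificates match '{1}'",
                                  found.Count, findValue);

            bool match = false;
            foreach (X509Certificate2 cert in found)
            {
                // First dNSName in the subject alternative name if present,
                // otherwise the subject's common name.
                string dns = cert.GetNameInfo(X509NameType.DnsName, false);
                bool same = string.Equals(dns, expectedDns,
                                          StringComparison.OrdinalIgnoreCase);
                // The service's own certificate needs a private key on the
                // service side; the copy in the client's store does not.
                Console.WriteLine("{0}\n  dns={1} privateKey={2} notAfter={3:u} identityMatch={4}",
                                  cert.Subject, dns, cert.HasPrivateKey, cert.NotAfter, same);
                match |= same;
            }
            return match;
        }
        finally { store.Close(); }
    }

    static void Main()
    {
        // findValue and the expected dns identity are taken from the config on this page.
        bool ok = HasCertForIdentity("wcfserver", "wcfserver",
                                     StoreName.TrustedPeople, StoreLocation.CurrentUser);
        Environment.Exit(ok ? 0 : 1);
    }
}
```

Run it under the same account as the service or client being checked, since the config reads the CurrentUser store.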