WCF and x509 certificates

Alex
15y

Hope you can help me with this. I am fairly new to WCF and created a WCF service and a client, both working fine when on the same server and same website (win2003/iis6). Now I wanted to host WCF services on a separate machine. I created a test environment with two Win2003/IIS6 servers. One hosts WCF services, another one hosts the website that consumes those services. I set up x509 certificates as per this article: http://www.codeproject.com/KB/WCF/wcf_certificates.aspx

I ran into a bunch of errors, which I resolved, and now I have been stuck on this error for a few days already:

The request for security token has invalid or malformed elements.

Here's the client code:

        WCFCategories.CategoriesClient client = new WCFCategories.CategoriesClient();
        Textbox1.Text = client.GetCategoriesInXML(611);


Here are my service / client web.config files:

SERVICE
--------------------
<system.serviceModel>

  <services>
    <service behaviorConfiguration="customBehavior" name="Categories">
      <endpoint
        address="http://s.foo.com:8228/Services/Categories.svc"
        binding="wsHttpBinding"
        contract="ICategories"/>
      <endpoint
        address="mex"
        binding="mexHttpBinding"
        contract="IMetadataExchange"/>
    </service>
  </services>

  <bindings>
    <wsHttpBinding>
      <binding name="customWsHttpBinding">
        <security mode="Message">
          <message clientCredentialType="Certificate"/>
        </security>
      </binding>
    </wsHttpBinding>
  </bindings>

  <behaviors>
    <serviceBehaviors>
      <behavior name="customBehavior">
        <serviceMetadata httpGetEnabled="true"/>
        <serviceDebug includeExceptionDetailInFaults="true"/>
        <serviceCredentials>
          <clientCertificate>
            <authentication
              certificateValidationMode="ChainTrust"
              revocationMode="NoCheck"/>
          </clientCertificate>
          <serviceCertificate
            findValue="My Server Machine"
            x509FindType="FindBySubjectName"
            storeLocation="LocalMachine"
            storeName="My"/>
        </serviceCredentials>
      </behavior>
    </serviceBehaviors>
  </behaviors>

</system.serviceModel>

CLIENT
----------------------------
  <system.serviceModel>
 
    <client>
      <endpoint
        address="http://s.foo.com:8228/Services/Categories.svc"
        behaviorConfiguration="customBehavior"
        binding="wsHttpBinding"
        bindingConfiguration="customWsHttpBinding"
        contract="WCFCategories.ICategories"
        name="WSHttpBinding_ICategories">
        <identity>
          <dns value="My Server Machine"/>
        </identity>
      </endpoint>
    </client>
   
    <behaviors>
      <endpointBehaviors>
        <behavior name="customBehavior">
          <clientCredentials>
            <clientCertificate
               x509FindType="FindBySubjectName"
               findValue="My Client Machine"
               storeLocation="LocalMachine"
               storeName="My"/>
            <serviceCertificate>
              <authentication
                certificateValidationMode="ChainTrust"
                revocationMode="NoCheck"/>
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>
   
    <bindings>
      <wsHttpBinding>
        <binding name="customWsHttpBinding">
          <security mode="Message">
            <message clientCredentialType="Certificate"/>
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>   
  </system.serviceModel>
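
Added example, not part of Alex's post or the linked article: a small Python check that resolves the message-security settings each wsHttpBinding endpoint actually gets and compares the service side with the client side. It assumes WCF's default for wsHttpBinding (message security, Windows client credentials) when an endpoint names no bindingConfiguration; the function names are hypothetical and the two config strings are reduced copies of the configs above.

```python
import xml.etree.ElementTree as ET

# Assumption: WCF's default for wsHttpBinding when an endpoint names no
# bindingConfiguration is message security with Windows client credentials.
WS_HTTP_DEFAULT = ("Message", "Windows")

def effective_security(model_xml):
    """Return ({contract: (mode, clientCredentialType)}, [unreferenced binding names])."""
    root = ET.fromstring(model_xml)
    named = {}
    for b in root.findall("./bindings/wsHttpBinding/binding"):
        sec = b.find("security")
        msg = sec.find("message") if sec is not None else None
        mode = sec.get("mode", "Message") if sec is not None else "Message"
        cred = msg.get("clientCredentialType", "Windows") if msg is not None else "Windows"
        named[b.get("name")] = (mode, cred)
    result, used = {}, set()
    for ep in root.iter("endpoint"):
        if ep.get("binding") != "wsHttpBinding":
            continue  # skips the mex endpoint
        cfg = ep.get("bindingConfiguration")
        used.add(cfg)
        result[ep.get("contract")] = named.get(cfg, WS_HTTP_DEFAULT)
    return result, sorted(set(named) - used)

def compare(service_xml, client_xml):
    """List mismatches between what the service expects and what the client sends."""
    svc, unused = effective_security(service_xml)
    cli, _ = effective_security(client_xml)
    findings = [f"service binding '{n}' is defined but never referenced" for n in unused]
    for contract, sec in cli.items():
        short = contract.rsplit(".", 1)[-1]  # drop the client proxy namespace
        if short in svc and svc[short] != sec:
            findings.append(f"{short}: service uses {svc[short]}, client uses {sec}")
    return findings

# Reduced copies of the two configs on this page (behaviors omitted).
BINDINGS = """<bindings><wsHttpBinding><binding name="customWsHttpBinding">
  <security mode="Message"><message clientCredentialType="Certificate"/></security>
</binding></wsHttpBinding></bindings>"""
SERVICE = f"""<system.serviceModel><services><service name="Categories">
  <endpoint binding="wsHttpBinding" contract="ICategories"/>
  <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service></services>{BINDINGS}</system.serviceModel>"""
CLIENT = f"""<system.serviceModel><client>
  <endpoint binding="wsHttpBinding" bindingConfiguration="customWsHttpBinding"
            contract="WCFCategories.ICategories"/>
</client>{BINDINGS}</system.serviceModel>"""

if __name__ == "__main__":
    for finding in compare(SERVICE, CLIENT):
        print(finding)
```

On the configs above it reports that the service's customWsHttpBinding is never referenced, so the service endpoint resolves to Windows credentials while the client endpoint resolves to Certificate.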
 

Answers (1)