WCF. BasicHttpBinding Certificates.

Posted by Andrew Kalashnikov on Stack Overflow
Published on 2010-03-12T14:25:21Z Indexed on 2010/03/12 14:27 UTC

Hello colleagues. I've got some problems. I've created a WCF service with basicHttpBinding, hosted by IIS 6.0.

<system.serviceModel>
<bindings>
  <basicHttpBinding>
    <binding name="BindingConfiguration1" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
      <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647"
      maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647"/>
      <security mode="Transport">
        <transport clientCredentialType="None" />
      </security>
    </binding>
  </basicHttpBinding>
</bindings>   
<services>
  <service name="RegistratorService.Registrator" behaviorConfiguration="RegistratorService.Service1Behavior">
    <endpoint address="" binding="basicHttpBinding"
              contract="RegistratorService.IRegistrator"
              bindingConfiguration="BindingConfiguration1">
      <identity>
        <dns value="localhost" />
      </identity>
    </endpoint>
    <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>
  </service>
</services>
<behaviors>
  <serviceBehaviors>
    <behavior name="RegistratorService.Service1Behavior">
      <serviceCredentials>
        <clientCertificate>
          <authentication certificateValidationMode="PeerOrChainTrust" revocationMode="NoCheck"/>
        </clientCertificate>
        <serviceCertificate storeLocation="LocalMachine"
                          storeName="My"
                          findValue="CN=Server" />
      </serviceCredentials>
      <serviceMetadata httpsGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="true" />
    </behavior>
  </serviceBehaviors>
</behaviors>
</system.serviceModel>

Also, I have a cert authority on this server and I issue certs for the server and the client. I have the server cert at the server and the client cert at the client. When I try to consume the service from the client I get the famous: "Could not establish trust relationship for the SSL/TLS secure channel with authority"

All sites recommend overriding ServicePointManager.ServerCertificateValidationCallback by setting the return value to true. But I want to solve this issue another, correct way.

My client config:

 <system.serviceModel>
    <behaviors>
      <endpointBehaviors>
        <behavior name="ClientBehavior">
          <clientCredentials>
            <serviceCertificate>
              <authentication certificateValidationMode="ChainTrust" revocationMode="NoCheck"/>
            </serviceCertificate>
            <clientCertificate findValue="CN=PharmPortal"
                               storeLocation="LocalMachine"
                               storeName="My"/>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>
    <bindings>
        <basicHttpBinding>
            <binding name="BasicHttpBinding_IRegistrator" closeTimeout="00:01:00"
                openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
                allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
                maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
                messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
                useDefaultWebProxy="true">
                <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                    maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                <security mode="Transport">
                  <transport clientCredentialType="None" proxyCredentialType="None" realm="" />
                </security>
            </binding>
        </basicHttpBinding>
    </bindings>
    <client >
      <endpoint address="https://aurit-server2/Registrator.svc" binding="basicHttpBinding" behaviorConfiguration="ClientBehavior"
          bindingConfiguration="BasicHttpBinding_IRegistrator" contract="ServiceReference1.IRegistrator"
          name="BasicHttpBinding_IRegistrator" >
        <identity>
          <dns value="Server" />
        </identity>
      </endpoint>
    </client>
</system.serviceModel>

I set up the client certificate. Why do I get the error?
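An added example, not part of the original post: instead of a ServicePointManager.ServerCertificateValidationCallback that always returns true, a callback can log why validation failed and still reject the certificate. The class name TlsTrustDiagnostics is hypothetical; the output separates a host-name mismatch from a chain that does not build to a trusted root.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper (not from the post): diagnoses the failure, never bypasses it.
static class TlsTrustDiagnostics
{
    // Call once at client start-up, before the WCF proxy is opened.
    public static void Install()
    {
        ServicePointManager.ServerCertificateValidationCallback = Report;
    }

    // Logs the reason for a validation failure and returns the platform's own
    // verdict, so an untrusted or mismatched certificate is still rejected.
    static bool Report(object sender, X509Certificate certificate,
                       X509Chain chain, SslPolicyErrors errors)
    {
        if (errors == SslPolicyErrors.None)
            return true;

        Console.Error.WriteLine("TLS validation failed: {0}", errors);

        HttpWebRequest request = sender as HttpWebRequest;
        if (request != null)
            Console.Error.WriteLine("  requested host: {0}", request.RequestUri.Host);

        if (certificate != null)
        {
            Console.Error.WriteLine("  subject: {0}", certificate.Subject);
            Console.Error.WriteLine("  issuer:  {0}", certificate.Issuer);
        }

        // Name mismatch: the host in the endpoint address is not a name in the certificate.
        if ((errors & SslPolicyErrors.RemoteCertificateNameMismatch) != 0)
            Console.Error.WriteLine("  host name does not match the certificate");

        // Chain errors: list each element's status, e.g. UntrustedRoot or PartialChain.
        if ((errors & SslPolicyErrors.RemoteCertificateChainErrors) != 0 && chain != null)
            foreach (X509ChainStatus status in chain.ChainStatus)
                Console.Error.WriteLine("  chain: {0} - {1}",
                    status.Status, status.StatusInformation.Trim());

        return false; // same outcome as the default validation
    }
}
```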
