Search Results

Search found 4 results on 1 pages for 'dudia'.

Page 1/1 | 1 

  • The HTTP request was forbidden with client authentication scheme 'Anonymous'

    - by dudia
    I am trying to configure a WCF server\client to work with SSL I get the following exception: The HTTP request was forbidden with client authentication scheme 'Anonymous' I have a self hosted WCF server. I have run hhtpcfg both my client and server certificates are stored under Personal and Trusted People on the Local Machine Here is the server code: binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate; binding.Security.Mode = WebHttpSecurityMode.Transport; _host.Credentials.ClientCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.PeerOrChainTrust; _host.Credentials.ClientCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck; _host.Credentials.ClientCertificate.Authentication.TrustedStoreLocation = StoreLocation.LocalMachine; _host.Credentials.ServiceCertificate.SetCertificate("cn=ServerSide", StoreLocation.LocalMachine, StoreName.My); Client Code: binding.Security.Mode = WebHttpSecurityMode.Transport; binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate; WebChannelFactory<ITestClientForServer> cf = new WebChannelFactory<ITestClientForServer>(binding, url2Bind); cf.Credentials.ClientCertificate.SetCertificate("cn=ClientSide", StoreLocation.LocalMachine, StoreName.My); ServicePointManager.ServerCertificateValidationCallback += RemoteCertificateValidate; Looking at web_tracelog.svclog and trace.log reveals that the server cannot autheticate the client certificate My certificate are not signed by an Authorized CA but this is why I added them to the Trusted People.... What Am I missing? What am I missing?

    Read the article

  • Configure a Port with an SSL Certificate w\o using Httpcfg

    - by dudia
    Hi, When one develops a self-hosted WCF http server, one of the steps needed is to bind an SSL certificate to a port number: httpcfg set ssl -i 0.0.0.0:8012 -h 0000000000003ed9cd0c315bbb6dc1c08da5e6 as stated in: http://msdn.microsoft.com/en-us/library/ms733791.aspx However, It is hardly expected that in my deployment environment one would be able to do it. (I don't even know if the httpcfg.exe is redistributable) Moreover, if the user changed the port after he installed the product then he will need to run the command again.... how can this step be automated pro grammatically? preferably in C# but if it can only be done in C++ (direct access to the Http Server API) then I will manage :)

    Read the article

  • HTTP 404 Error manifests itself as EndPointNotFoundException on a WCF client

    - by dudia
    How can I make my client treat 404 Error correctly? Right now it catches a general exception... My WCF Server uses WebOperationContext.Current.OutgoingResponse.SetStatusAsNotFound(); To return a 404 Error code however my WCF client interperts it as an EndPointNotFoundException There was no endpoint listening at http://myUrl that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. The inner exception is WebException "The remote server returned an error: (404) Not Found.

    Read the article

  • WCF digest Authentication

    - by dudia
    What should be specified on the client side? Is this enough: binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Digest; ... cf.Credentials.HttpDigest.ClientCredential = new NetworkCredential("myuser", "mypass", "mydomain"); cf.Credentials.HttpDigest.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation; What should be specified on the server side? obviously one needs: binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Digest; but where do one specify in the server the digest username\password to validate the client against? In addition when Micosoft says that Digest Authentication uses the Domain Controller, what does it mean? Does it validate username\password against it?

    Read the article

1