WCF - 'The service certificate is not provided for target' error for WCF client calling a WCF service

I'm trying to create a test service/client in WCF using Message security, with certificates. I'm using the basic service that Visual Studio creates out of the box, and am calling it from another project that I have set up as the client.

I have created two certificates, one for the server, and the other for the client, and imported them into my certificates store. I've also followed the instructions at: http://msdn.microsoft.com/en-us/library/ms733098.aspx

However, no luck. When invoking the server from the client I'm getting the error:

The service certificate is not provided for target 'http://localhost:1704/Service1.svc'. Specify a service certificate in ClientCredentials.

My service config is as follows:

<system.serviceModel>
    <services>
      <service name="WcfService2.Service1" behaviorConfiguration="ServiceCredentialsBehavior">
        <endpoint address="" binding="wsHttpBinding" contract="WcfService2.IService1" bindingConfiguration="MyHTTPBindingConfig">
          <identity>
            <dns value="localhost"/>
          </identity>
        </endpoint>
      </service>
    </services>
    <bindings>
      <wsHttpBinding>
        <binding name="MyHTTPBindingConfig">
          <security mode="Message">
            <message clientCredentialType="Certificate" negotiateServiceCredential="false" establishSecurityContext="false" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior name="ServiceCredentialsBehavior">
          <serviceCredentials>
            <serviceCertificate findValue="WCFTest" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" />
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>

My client config is:

<system.serviceModel>
    <bindings>
        <wsHttpBinding>
            <binding name="WSHttpBinding_IService1" closeTimeout="00:01:00"
                openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
                bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
                maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
                messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
                allowCookies="false">
                <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                    maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                <reliableSession ordered="true" inactivityTimeout="00:10:00"
                    enabled="false" />
                <security mode="Message">
                    <transport clientCredentialType="Windows" proxyCredentialType="None"
                        realm="" />
                    <message clientCredentialType="Certificate" negotiateServiceCredential="false"
                        algorithmSuite="Default" establishSecurityContext="false" />
                </security>
            </binding>
        </wsHttpBinding>
    </bindings>
    <client>
        <endpoint address="http://localhost:1704/Service1.svc" binding="wsHttpBinding"
            bindingConfiguration="WSHttpBinding_IService1" contract="ServiceReference1.IService1"
            name="WSHttpBinding_IService1" behaviorConfiguration="endpointCredentialBehaviours">
            <identity>
                <dns value="localhost" />
            </identity>
        </endpoint>
    </client>
  <behaviors>
    <endpointBehaviors>
      <behavior name="endpointCredentialBehaviours">
        <clientCredentials>
          <clientCertificate findValue="WCFClient" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName"/>
        </clientCredentials>
      </behavior>
    </endpointBehaviors>
  </behaviors>
</system.serviceModel>

And I'm invoking the service in the client with:

    ServiceReference1.Service1Client client = new ServiceReference1.Service1Client();
    string s = client.GetData(1);
    label1.Text = s;
    client.Close();

Can anybody tell me what I'm doing wrong?

This is an example of working client configuration:

<client>
  <endpoint address="http://example.com/Myservice.svc"
      binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IService"
      contract="Core.IService" name="WSHttpBinding_IService" behaviorConfiguration="myServiceBehaviour">
    <identity>
      <dns value="SampleServiceCertificate"/>
    </identity>
  </endpoint>
</client>
<behaviors>
  <endpointBehaviors>
    <behavior name="myServiceBehaviour">
      <clientCredentials>
        <serviceCertificate>
          <defaultCertificate storeLocation="LocalMachine" storeName="My" findValue="SampleServiceCertificate" x509FindType="FindBySubjectName" />
        </serviceCertificate>
      </clientCredentials>
    </behavior>
  </endpointBehaviors>
</behaviors>

In your posted configuration the clientCredentials node is missing the serviceCertificate child node.

As the error suggests, it seems that your client is not providing a certificate. The first step I would take in order to troubleshoot this is to ensure that your client certificate is where you need it to be and the name in your config file is correct. You can do that with MMC. Here are the instructions on how to do that:

How to: View Certificates with the MMC Snap-in: http://msdn.microsoft.com/en-us/library/ms788967.aspx

I would also try adding a client certificate manually through code:

How to: Specify Client Credential Values: http://msdn.microsoft.com/en-us/library/ms732391.aspx

You must provide a certificate in client.Credentials. For a more detailed explanation, follow this resource.
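
Added example, not part of any answer on this page: a C# helper that resolves both certificates with the same store lookups the config files use, rejects missing or ambiguous matches, and assigns them to the client credentials. The class name `WcfCertCheck` is hypothetical, and the lookup of `WCFTest` in CurrentUser/My assumes client and service run on the same machine as in the question.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel.Description;

static class WcfCertCheck
{
    // Look a certificate up the way the config attributes (findValue, storeLocation,
    // storeName, x509FindType="FindBySubjectName") do, failing on 0 or >1 matches.
    static X509Certificate2 FindSingle(StoreLocation location, StoreName name,
                                       string subjectName, bool needPrivateKey)
    {
        var store = new X509Store(name, location);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // FindBySubjectName is a substring match. validOnly: false keeps
            // self-signed test certificates in the result.
            X509Certificate2Collection hits = store.Certificates.Find(
                X509FindType.FindBySubjectName, subjectName, false);
            if (hits.Count != 1)
                throw new InvalidOperationException(string.Format(
                    "{0} certificate(s) match '{1}' in {2}/{3}; expected exactly 1.",
                    hits.Count, subjectName, location, name));

            X509Certificate2 cert = hits[0];
            if (needPrivateKey && !cert.HasPrivateKey)
                throw new InvalidOperationException(
                    "'" + subjectName + "' has no private key; the client cannot sign with it.");
            return cert;
        }
        finally { store.Close(); }
    }

    // Call before the first service operation:
    //   WcfCertCheck.Apply(client.ClientCredentials);
    public static void Apply(ClientCredentials credentials)
    {
        // The client's own certificate: authenticates the caller, needs its private key.
        credentials.ClientCertificate.Certificate =
            FindSingle(StoreLocation.CurrentUser, StoreName.My, "WCFClient", true);

        // The service's public certificate. With negotiateServiceCredential="false"
        // it is not fetched from the service, so the client must already hold it.
        // Assumption: it is in CurrentUser/My on this machine, as in the question.
        credentials.ServiceCertificate.DefaultCertificate =
            FindSingle(StoreLocation.CurrentUser, StoreName.My, "WCFTest", false);
    }
}
```

With a `<dns>` endpoint identity, WCF compares that value to the service certificate's subject name, which is why the working configuration above puts the certificate name there.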

I know this is quite an old thread, but I thought this might help someone else who is facing the issue.

As per the issue, you need to install a service level certificate, which is basically required for trust establishment by the service, to the client. Have a look into the following links for reference:

https://msdn.microsoft.com/en-us/library/ms731058(v=vs.110).aspx

and

https://msdn.microsoft.com/en-us/library/ms752233(v=vs.110).aspx

After adding the certificate to the store, add the following setting in service configuration file:

<serviceCredentials>
  <serviceCertificate findValue="localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
</serviceCredentials>

The complete configuration settings are available on the links above. Hope this helps you.
