Reputation: 7667
This is the configuration on the service side:
<endpoint binding="netTcpBinding" bindingConfiguration="TcpBinding" contract="a"></endpoint>

<binding name="TcpBinding">
  <security mode="Transport">
    <transport protectionLevel="EncryptAndSign" clientCredentialType="None">
    </transport>
  </security>
  <reliableSession enabled="false"/>
</binding>

<serviceBehaviors>
  <behavior>
    <serviceCredentials>
      <serviceCertificate storeName="My" storeLocation="LocalMachine" findValue="73 b9 d8 98 8d b6 54 bf fb ff 21 0b ac fc 04 19 37 16 71 5f" x509FindType="FindByThumbprint" />
    </serviceCredentials>
    <serviceMetadata httpGetEnabled="false"/>
    <serviceDebug includeExceptionDetailInFaults="true"/>
  </behavior>
</serviceBehaviors>
I have created a self-signed certificate following this link: https://msdn.microsoft.com/en-us/library/ff648498.aspx
First, I created a certificate that I installed as a Root Certificate Authority in Trusted Root Certification Authorities, named 'RootCA'. Then I created another self-signed certificate, signed with this 'RootCA', which is issued to 'localhost'.
On the client side, I am using the same configuration elements as on the service side. While opening the proxy, I receive the following exception:
System.ServiceModel.Security.SecurityNegotiationException The X.509 certificate CN=localhost chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. The revocation function was unable to check revocation for the certificate.
What else is needed to get this running?
Upvotes: 1
Views: 411
Reputation: 179
Include this on your client side, in the endpoint behaviours:
<endpointBehaviors>
  <behavior name="clientBehave">
    <clientCredentials>
      <serviceCertificate>
        <authentication certificateValidationMode="PeerOrChainTrust" revocationMode="NoCheck"/>
      </serviceCertificate>
    </clientCredentials>
  </behavior>
</endpointBehaviors>
Upvotes: 1
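To see which part of the chain check produces the exception in the question, the chain can be built outside WCF under both revocation modes. This is an added example, not code from either poster; the class and method names are made up, and it assumes it runs on a machine where the certificate with the question's thumbprint is installed in LocalMachine\My.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;

class ChainCheck
{
    // Build the chain for one certificate under the given revocation mode
    // and print every status flag the chain engine reports.
    static bool Report(X509Certificate2 cert, X509RevocationMode mode)
    {
        var chain = new X509Chain();
        chain.ChainPolicy.RevocationMode = mode;
        bool ok = chain.Build(cert);
        Console.WriteLine("RevocationMode={0}: chain valid = {1}", mode, ok);
        foreach (X509ChainStatus s in chain.ChainStatus)
            Console.WriteLine("  {0}: {1}", s.Status, s.StatusInformation.Trim());
        chain.Reset();
        return ok;
    }

    static void Main()
    {
        // Thumbprint copied from the service configuration in the question,
        // with the spaces removed before the store lookup.
        string thumbprint = "73 b9 d8 98 8d b6 54 bf fb ff 21 0b ac fc 04 19 37 16 71 5f"
            .Replace(" ", "").ToUpperInvariant();

        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // validOnly = false so a certificate that fails validation is still returned.
            X509Certificate2Collection found =
                store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            if (found.Count == 0)
            {
                Console.WriteLine("Certificate not found in LocalMachine\\My.");
                return;
            }
            Report(found[0], X509RevocationMode.Online);   // WCF's default revocationMode
            Report(found[0], X509RevocationMode.NoCheck);  // what the answer configures
        }
        finally
        {
            store.Close();
        }
    }
}
```

If the Online run reports only RevocationStatusUnknown or OfflineRevocation and the NoCheck run is valid, the certificate simply has no reachable revocation list, which is the case revocationMode="NoCheck" addresses. If UntrustedRoot or PartialChain still appears under NoCheck, 'RootCA' is not in the Trusted Root store of the machine doing the validation.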