How I can create sample certificate for using with WCF Infocard Message exchange.

I am using WinFx Dec 2005 CTP. I have created a hello world WCF application as mentioned in help docs that uses Infocard. I have also created two certificates one for service and one for client using makecert.exe. The commands are specified below:

Client:

E:\>"E:\Program Files\Microsoft Visual Studio 8\SDK\v2.0\Bin\makecert" -n "CN=MyInfocard1" -sky exchange -ss My -a sha1 -pe -sr CurrentUser

Server:

E:\>"E:\Program Files\Microsoft Visual Studio 8\SDK\v2.0\Bin\makecert" -n "CN=MyInfocardServ" -sky exchange -ss My -a sha1 -pe -sr LocalMachine

I am using server certificate with service and client certificate with client. My service was able to start successfully. But when I am using the client to connect to service it is throwing an error:

Unhandled Exception: System.ServiceModel.Security.MessageSecurityException: Identity check failed for outgoing message. Expected identity is 'identity(http://schemas.microsoft.com/xsi/2005/05/Right/PossessProperty: http://schemas.microsoft.com/xsi/2005/05/ClaimType/Thumbprint('System.Byte[]'))' for target endpoint 'http://localhost:8888/HelloService.svc'.

Can anyone provide some help on this issue?

Regards,

Navneet Gupta

 




  • Gozzeh

    Thanks for your help. After using the same certificate 'InfocardServ' at service and client side both, my application starts working. But, I have some queries which are as follows:

    1. How to create sample client certificate using makecert.exe

    2. How to set privacy statement for a site using infocard technology

    3. How to add logos to the certificate using makecert.exe

    4. How can I ask for claims in wsHttpBinding

     

    Regards,

    Navneet Gupta


  • Careltje

    I had included <identity> element at client endpoint. Here are config settings which I am using:

    Server Configuration:

    <configuration>
      <system.serviceModel>
        <services>
          <service
              type="InfoCard.HelloService, InfoCard"
              behaviorConfiguration="ServiceCredentials">
            <endpoint address=""
                binding="wsHttpBinding"
                bindingConfiguration="requireInfoCard"
                contract="InfoCard.IHello, Infocard" >
              <identity>
                <certificateReference
                    findValue="MyInfocardServ"
                    x509FindType="FindBySubjectName"
                    storeLocation="LocalMachine"
                    storeName="My" />
              </identity>
            </endpoint>
          </service>
        </services>
        <bindings>
          <wsHttpBinding>
            <binding name="requireInfoCard">
              <security mode="Message">
                <message clientCredentialType="InfoCard" />
              </security>
            </binding>
          </wsHttpBinding>
        </bindings>
        <behaviors>
          <behavior name="ServiceCredentials" returnUnknownExceptionsAsFaults="true" >
            <serviceCredentials>
              <serviceCertificate
                  findValue="MyInfocardServ"
                  x509FindType="FindBySubjectName"
                  storeLocation="LocalMachine"
                  storeName="My" />
            </serviceCredentials>
          </behavior>
        </behaviors>
      </system.serviceModel>
    </configuration>

    Client Configuration:

    <configuration>
      <system.serviceModel>
        <client>
          <endpoint name="DefaultConfig"
              address="http://localhost:8888/HelloService.svc"
              bindingConfiguration="requireInfoCard"
              binding="wsHttpBinding"
              contract="InfoCard.IHello"
              behaviorConfiguration="ClientCredentials">
            <identity>
              <certificateReference
                  findValue="MyInfocard1"
                  x509FindType="FindBySubjectName"
                  storeLocation="CurrentUser"
                  storeName="My" />
            </identity>
          </endpoint>
        </client>
        <bindings>
          <wsHttpBinding>
            <binding name="requireInfoCard">
              <security mode="Message">
                <message clientCredentialType="InfoCard" />
              </security>
            </binding>
          </wsHttpBinding>
        </bindings>
        <behaviors>
          <behavior name="ClientCredentials" returnUnknownExceptionsAsFaults="true" >
            <clientCredentials>
              <serviceCertificate
                  findValue="MyInfocard1"
                  x509FindType="FindBySubjectName"
                  storeLocation="CurrentUser"
                  storeName="My"
                  revocationMode="NoCheck"/>
            </clientCredentials>
          </behavior>
        </behaviors>
      </system.serviceModel>
    </configuration>

     

    Service Contract:

    [ServiceContract]
    public interface IHello
    {
        [OperationContract]
        string Say();
    }

    Client Code:

    class Program
    {
        static void Main(string[] args)
        {
            ChannelFactory<IHello> factory = new ChannelFactory<IHello>("DefaultConfig");
            IHello proxy = factory.CreateChannel();
            Console.WriteLine(proxy.Say());
            Console.ReadLine();
            ((IChannel)proxy).Close();
            factory.Close();
        }
    }

    I have also added both certificates to the TrustedPeople store under the CurrentUser location; still I am getting the same error.

    Regards,

    Navneet Gupta


  • Nagaraju Palla MSFT

     

     How to set privacy statement for a site using infocard technology
    >> You won't be able to do this until Feb CTP.

     How to add logos to the certificate using makecert.exe
    >> You can't.  Issuer (such as Verisign) can add a subject and issuer logo.  You can also create a self-issued cert with logo.  The sample already has certs that include logo links (and a hash value)

     How can I ask for claims in wsHttpBinding

    >>>The claim is fixed in wsHttpBinding - it will ask PrivatePersonalIdentifier

    >> You want wsFederatedBinding  ( or wsFederatedHttpBinding in Feb CTP)


  • Mike12

    What does your config look like on the service and client? It sounds like you are either missing the <identity> element on the client <endpoint> or providing the wrong data in there. But, I'd have to see the code sample.
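
A configuration check for the mismatch discussed in this thread, as an added example that is not part of any post and is not Microsoft's code: it flags a client endpoint whose `<identity>` is missing or names a certificate other than the one the service presents. The function names and the reduced config fragments are constructed for illustration, and the corrected fragment assumes the service certificate's public part was imported into the client's CurrentUser TrustedPeople store.

```python
import xml.etree.ElementTree as ET

# Constructed fragments, reduced from the configs posted in this thread.
SERVICE_CONFIG = """<configuration><system.serviceModel><behaviors>
  <behavior name="ServiceCredentials"><serviceCredentials>
    <serviceCertificate findValue="MyInfocardServ" x509FindType="FindBySubjectName"
                        storeLocation="LocalMachine" storeName="My" />
  </serviceCredentials></behavior>
</behaviors></system.serviceModel></configuration>"""

CLIENT_TEMPLATE = """<configuration><system.serviceModel><client>
  <endpoint name="DefaultConfig" address="http://localhost:8888/HelloService.svc"
            binding="wsHttpBinding" contract="InfoCard.IHello">
    <identity>
      <certificateReference findValue="{subject}" x509FindType="FindBySubjectName"
                            storeLocation="CurrentUser" storeName="{store}" />
    </identity>
  </endpoint>
</client></system.serviceModel></configuration>"""

AS_POSTED = CLIENT_TEMPLATE.format(subject="MyInfocard1", store="My")
# Assumption: the service certificate's public part sits in CurrentUser/TrustedPeople.
CORRECTED = CLIENT_TEMPLATE.format(subject="MyInfocardServ", store="TrustedPeople")

def cert_ref(element):
    """Return (x509FindType, findValue) for a certificate lookup element, or None."""
    if element is None:
        return None
    return (element.get("x509FindType"), element.get("findValue"))

def check_client_identities(service_xml, client_xml):
    """Return (endpoint name, problem) for each client endpoint whose expected
    service identity does not name the certificate the service presents."""
    expected = cert_ref(ET.fromstring(service_xml).find(".//serviceCredentials/serviceCertificate"))
    if expected is None:
        raise ValueError("service config declares no <serviceCertificate>")
    findings = []
    for endpoint in ET.fromstring(client_xml).iter("endpoint"):
        actual = cert_ref(endpoint.find("identity/certificateReference"))
        if actual is None:
            findings.append((endpoint.get("name"), "no <identity> certificate reference"))
        elif actual != expected:
            findings.append((endpoint.get("name"),
                             f"identity {actual[1]!r} is not service certificate {expected[1]!r}"))
    return findings

if __name__ == "__main__":
    print("as posted:", check_client_identities(SERVICE_CONFIG, AS_POSTED))
    print("corrected:", check_client_identities(SERVICE_CONFIG, CORRECTED))
```

The check compares only the lookup values written in the two config files; the runtime identity check named in the exception is made against the certificate thumbprint, so the certificate the client resolves must be the same certificate the service uses.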
