Hello,
I have the following certificate configuration:
<
clientCertificate findValue="client.com" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" /><
serviceCertificate findValue="localhost" storeLocation="CurrentUser" storeName="TrustedPeople" x509FindType="FindBySubjectName" />On the service side I have the following configuration:
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<system.serviceModel>
<services>
<service type="WhoIsService" behaviorConfiguration="serviceBehavior">
<endpoint address="/InfoCard" contract="IWhoIs" binding="wsHttpBinding"
bindingConfiguration="infocardBinding">
<identity>
<certificateReference
findValue="localhost"
x509FindType="FindBySubjectName"
storeLocation="LocalMachine"
storeName="My" />
</identity>
</endpoint>
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="infocardBinding">
<security mode="Message">
<message clientCredentialType="InfoCard" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<behavior name="serviceBehavior" returnUnknownExceptionsAsFaults="true">
<serviceCredentials>
<serviceCertificate
findValue="localhost"
storeLocation="LocalMachine"
storeName="My"
x509FindType="FindBySubjectName" />
</serviceCredentials>
</behavior>
</behaviors>
</system.serviceModel>
<system.web>
<compilation debug="true"/>
</system.web>
</configuration>
On the client side the following
< xml version="1.0" encoding="utf-8" >
<configuration>
<system.serviceModel>
<client>
<endpoint name="WhoIsInfoCard"
address="http://localhost:1713/Service/Service.svc/InfoCard"
bindingConfiguration="infocardBinding"
binding="wsHttpBinding"
contract="Client.IWhoIs"
behaviorConfiguration="ClientCertificateBehavior">
<identity>
<certificateReference
findValue="localhost"
x509FindType="FindBySubjectName"
storeLocation="CurrentUser"
storeName="TrustedPeople" />
</identity>
</endpoint>
</client>
<bindings>
<wsHttpBinding>
<binding name="infocardBinding">
<security mode="Message">
<message clientCredentialType="InfoCard" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<behavior name="ClientCertificateBehavior">
<clientCredentials>
<clientCertificate findValue="client.com" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" />
<serviceCertificate findValue="localhost" storeLocation="CurrentUser" storeName="TrustedPeople" x509FindType="FindBySubjectName" revocationMode="NoCheck" />
</clientCredentials>
</behavior>
</behaviors>
</system.serviceModel>
</configuration>
when I run my code I get the following error message: "The identity of the incoming recipient could not be validated."
I don't find what is wrong since the code seems really the same as WCF samples.
Any help
Thanks,
Pierre
InfoCard sample configuration problem (WinFx Dec CTP)
GregVance
Hello Andy,
I still have the problem. Let me show the certificate current configuration:
Store location : CurrentUser
Store: My
Subject::
[0,0] 2.5.4.3 (CN) client.com
Issuer::
[0,0] 2.5.4.3 (CN) Root Agency
Store location : CurrentUser
Store: TrustedPeople
Subject::
[0,0] 2.5.4.3 (CN) client.com
Issuer::
[0,0] 2.5.4.3 (CN) Root Agency
Subject::
[0,0] 2.5.4.3 (CN) localhost
Issuer::
[0,0] 2.5.4.3 (CN) Root Agency
Store location : LocalMachine
Store: My
Subject::
[0,0] 2.5.4.3 (CN) localhost
Issuer::
[0,0] 2.5.4.3 (CN) Root Agency
Store location : LocalMachine
Store: TrustedPeople
Subject::
[0,0] 2.5.4.3 (CN) client.com
Issuer::
[0,0] 2.5.4.3 (CN) Root Agency
The Root Agency is registered in Trusted Root Store.
How can I do
Thanks,
Pierre
Ryan_Willardryan
BLOX
Hello Keith,
the jan ctp solved the problem as well.
I think the team should document better how the certificates are read and how to configure them (ok, this is a ctp)
Thanks,
Pierre
PKH
I had the same problem you were running into. Running with Jan CTP, I was using the sample in the Sept InfoCard resource kit. Back in Sept, you didn't have to have the CA cert (it was called "INFOCARD") in the trusted root store.
As soon as I moved the INFOCARD cert into the trusted root store, the problem disappeared.
Keith