c# - WCF SecurityNegotiationException when using certificate with none certificateValidationMode -
i create certificate pluralsight selfcert. when use in wcf service takes securitynegotiation exception. search , found solution. put certificatevalidationmode="none" in clientcertificate of web.config problem not solved. if put command on client app.config problem solve. i don't want change client configs. why command doesn't work in server side? there other way?
the x.509 certificate cn=qtascert chain building failed. certificate used has trust chain cannot verified. replace certificate or change certificatevalidationmode. certificate chain processed, terminated in root certificate not trusted trust provider.
<services> <service name="archiveboundedcontext.wcfservice.wcfservices.archivewcfservice"> <endpoint address="" binding="nettcpbinding" bindingconfiguration="qtasbinding" name="qtasendpoint" contract="archiveboundedcontext.wcfservice.wcfservices.iarchivewcfservice" /> <endpoint address="mex" binding="mextcpbinding" name="qtasmex" contract="imetadataexchange" /> <host> <baseaddresses> <add baseaddress="net.tcp://localhost:808/wcfservices/" /> </baseaddresses> </host> </service> </services> <behaviors> <servicebehaviors> <behavior> <servicesecurityaudit auditloglocation="application" serviceauthorizationauditlevel="successorfailure" messageauthenticationauditlevel="successorfailure" suppressauditfailure="true" /> <servicecredentials> <usernameauthentication usernamepasswordvalidationmode="custom" customusernamepasswordvalidatortype="archiveboundedcontext.wcfservice.serviceauthenticator, archiveboundedcontext.wcfservice" /> <servicecertificate findvalue="qtascert" storelocation="localmachine" storename="my" x509findtype="findbysubjectname" /> <clientcertificate> <authentication certificatevalidationmode="none" revocationmode="nocheck" /> </clientcertificate> </servicecredentials> <serviceauthorization principalpermissionmode="useaspnetroles" /> <servicemetadata httpgetenabled="false" /> <servicedebug includeexceptiondetailinfaults="true" /> </behavior> </servicebehaviors>
i install certificate in client , problem solved.
class program { static void main(string[] args) { console.writeline(@"certificate installer v1.0"); var certificate = new x509certificate2(certificates.qtascert, "*****"); var rootstore = new x509store(storename.root, storelocation.localmachine); rootstore.open(openflags.readwrite); rootstore.add(certificate); rootstore.close(); var mystore = new x509store(storename.my, storelocation.localmachine); mystore.open(openflags.readwrite); mystore.add(certificate); mystore.close(); console.writeline(@"certificate installed successfuly"); console.readkey(); } }
Comments
Post a Comment