SSL Error with WCF Service using Transport Security & Cert. Authentication

StackOverflow https://stackoverflow.com/questions/832579

  •  07-07-2019
  •  | 
  •  

Question

I don't know if this is a question more suited for Serverfault.com, really depends on the answer, but I have followed this tutorial in .NET C# to setup a WCF service under 'wsHttpBinding' (Transport Security & Certificate Authentication), I have created a test development certificate using the methods described here and I have also configured my HTTPS 443 port in Bindings for IIS.

Everything has been working pretty good each step, however I am receiving an error in the the Example "Hello World" service I created (again, all followed via the MSDN tutorial link I first stated) when hitting https://vd1/WcfWsHttpBindingTest/Service.svc (VD1 being my local computer name):

HTTP Error 403.7 - Forbidden
The page you are attempting to access requires your browser to have a Secure Sockets Layer (SSL) client certificate that the Web server recognizes.

I have followed both tutorials as stated to install my server certificate and the client certificate and it has been configured in IIS; Also if I negate the 'https' and just use 'http' I receive a 403.4 Forbidden stating I am trying to access a page which has been secured with SSL, so I'm pretty sure that side of it is working.

Any ideas folks?
I haven't deviated from the tutorials, I am running IIS 7.0 and Vista Business.

It would even help if somebody could start me from a clean slate by giving me better tutorial links for configuring a service with wsHttpBinding.

** If anyone had seen my initial post, you will notice I closed my answer as it has evolved to the problem above **

Was it helpful?

Solution

Thanks for your help Tanner.

After two hours of scratching my head and tinkering, with help from a colleague we narrowed it down to one step which was not done correctly. The Certificate was being added to "Local User" not "Local Computer".

Thanks again.

OTHER TIPS

Sounds like the client credentials aren't getting set or there is a problem with the config files. Can you post the config files so we can see the ClientCredentials configuration, which configures in a tag like: < clientCertificate > .

Alternately, a cert can be configured in code, so if you have the source code that configures the cert on the proxy, post that.

A final check would be Vista Specific. You should run VS (and possibly related processes for certificate generation) as admininstrator: Some Info on Vista Admin

If none of that helps, try CodePlex for some guidance, I found that the checklists for security configuration helped me no end.

If you are prompted for an administrator password or for a confirmation, type your password, or click Continue. 2. In IIS Manager, locate the Web application for which you want to change the SSL setting. 3.In Features View, double-click SSL Settings. 4.On the SSL Settings page, select the Accept option under
Client certificates. 5.In the Actions pane, click Apply

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top