WCF Service - SSL

I have a service using SSL. When I try to switch to a service, I get the following error:

The SSL settings for the service 'SslRequireCert' does not match those of the IIS 'None'. 

My configuration is as follows:

 <security mode="Transport">
   <transport clientCredentialType="Certificate" />
 </security>

I use IIS Express and I have the "Enable SSL" checkbox selected (checked in WebMatrix).

Any ideas what else I need to do?

+4
3 answers

OK, it looks like I needed to update the applicationhost.config file (in IIS Express). I added a location for my site and set sslFlags = "Ssl, SslAcceptCert, SslRequireCert". This allowed me to enable SSL authentication. Then, when I tried to access the service with a client, I received a message stating that an error occurred while establishing a trust relationship. This happened because I did not have a server certificate in the proxy folder (or maybe it was a client, I'm not sure that the service and client are on my local PC). After that, the service will work, but we do not want to provide our certificate to the client, so I ended up using the TransportWithMessageCredential security mode.

+4
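A check for the mismatch reported in the error message, as an added example that is not part of the original answer: it compares the sslFlags set for a site in applicationhost.config with what the WCF binding security asks for. The site name "MySite", the sample XML and the function names are constructed for illustration, and the rule that only mode="Transport" with clientCredentialType="Certificate" needs SslRequireCert is an assumption taken from the error text.

```python
import xml.etree.ElementTree as ET

# Constructed sample of an applicationhost.config fragment; "MySite" is a placeholder.
APPHOST = """<configuration><location path="MySite"><system.webServer><security>
  <access sslFlags="None" />
</security></system.webServer></location></configuration>"""

# Constructed web.config wrapping the <security> element from the question.
WEBCONFIG = """<configuration><system.serviceModel><bindings><basicHttpBinding>
  <binding name="secure">
    <security mode="Transport">
      <transport clientCredentialType="Certificate" />
    </security>
  </binding>
</basicHttpBinding></bindings></system.serviceModel></configuration>"""


def iis_ssl_flags(apphost_xml, site):
    """Flags set on <access sslFlags="..."> in the site's <location>; empty set means None."""
    flags = set()
    for loc in ET.fromstring(apphost_xml).iter("location"):
        if loc.get("path") == site:
            for access in loc.iter("access"):
                raw = access.get("sslFlags", "None")
                flags |= {f.strip() for f in raw.split(",")} - {"None", ""}
    return flags


def wcf_required_flags(webconfig_xml):
    """Flags the bindings need from IIS. Assumption: only mode="Transport" with
    clientCredentialType="Certificate" asks for SslRequireCert, as in the error text."""
    required = set()
    for sec in ET.fromstring(webconfig_xml).iter("security"):
        transport = sec.find("transport")
        if (sec.get("mode") == "Transport" and transport is not None
                and transport.get("clientCredentialType") == "Certificate"):
            required.add("SslRequireCert")
    return required


def missing_flags(apphost_xml, webconfig_xml, site):
    """Flags WCF expects that IIS does not set, i.e. the cause of the mismatch error."""
    return sorted(wcf_required_flags(webconfig_xml) - iis_ssl_flags(apphost_xml, site))


if __name__ == "__main__":
    print("missing in IIS:", missing_flags(APPHOST, WEBCONFIG, "MySite"))
```

An empty result means the IIS side already requires what the binding asks for; IIS or IIS Express still has to be restarted for a changed applicationhost.config to take effect.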

Change your behavior to enable SSL, as shown below:

 <behaviors>
   <serviceBehaviors>
     <behavior name="MyService">
       <serviceMetadata httpGetEnabled="True" httpsGetEnabled="True" />
       <serviceDebug includeExceptionDetailInFaults="False" />
     </behavior>
   </serviceBehaviors>
 </behaviors>

and delete

 <security mode="Transport">
   <transport clientCredentialType="Certificate" />
 </security>

This means that you will use certificate authentication.

+1

This has nothing to do with the absence of the mex line, unless it is configured incorrectly, in which case deleting it will have an effect, but IIS can still give the same error.

Ensure that IIS has the SSL Require and Accept (easier) or Require user certificates SSL options selected, and then RESTART IIS. Although IIS says the changes are applied - I'm not sure if they are not always - or at least not implemented immediately.

+1