Submit My Question - Recent Questions - Recent Answer
Msdn Tech >> Visual Studio Orcas >> Windows Communication Foundation (Indigo)

Cannot find the X.509 certificate

Hello,

I am having difficulty securing a WCF service. I have created a test service and am trying to ensure I can authenticate and authorize with the ASP.NET membership and role providers I have defined. I have it working if I leave it unsecured, but once I try to secure it, I am running into problems:

I used the Web Service Software Factory to define the security, to ensure I wouldn't misname any of the attributes or anything. It is configured for Direct Authentication using a username token whose source will be an SQL database store from the Membership Provider I have defined. The certificate was chosen via the selection dialog that is part of the Web Service Software Factory, so I am inclined to believe that the path it outputs is correct.


Anyway, here is my current web.config:

<system.serviceModel>

<behaviors>

<serviceBehaviors>

<behaviorname="DirectAuthenticationUserNameTokenSQL">

<serviceMetadatahttpGetEnabled="true" />

<serviceDebugincludeExceptionDetailInFaults="true" />

<serviceCredentials>

<serviceCertificatefindValue="CN=xxxx"storeLocation="LocalMachine"

storeName="Root"x509FindType="FindBySubjectDistinguishedName" />

<userNameAuthenticationuserNamePasswordValidationMode="MembershipProvider"

membershipProviderName="SqlMembershipProvider" />

</serviceCredentials>

<serviceAuthorizationprincipalPermissionMode="UseAspNetRoles"

roleProviderName="SqlRoleProvider" />

</behavior>

</serviceBehaviors>

</behaviors>

<services>

<servicebehaviorConfiguration="DirectAuthenticationUserNameTokenSQL"

name="WebServices.Core.ServiceImplementation.SettingsService">

<endpointbinding="wsHttpBinding"bindingConfiguration="DirectAuthenticationUserNameTokenSQL"

bindingNamespace="WebServices.Core.ServiceContracts/2007/07"

contract="ServiceContracts.ISettingsService" />

<endpointaddress="mex"binding="mexHttpBinding"contract="IMetadataExchange" />

</service>

</services>

<bindings>

<wsHttpBinding>

<bindingname="DirectAuthenticationUserNameTokenSQL">

<securitymode="Message">

<messageclientCredentialType="UserName"negotiateServiceCredential="true"

establishSecurityContext="true" />

</security>

</binding>

</wsHttpBinding>

</bindings>

</system.serviceModel>

Is there something wrong with this service configuration? I can't find anything wrong, but it is giving me the error:

Cannot find the X.509 certificate using the following search criteria: StoreName 'Root', StoreLocation 'LocalMachine', FindType 'FindBySubjectDistinguishedName', FindValue 'CN=xxxx'.

The only thing I can think of is something is preventing the certificate from being loaded, or maybe even preventing it from even being seen.

Thanks for the help,

Brandon

[10467 byte] By [bwaskiewicz] at [2008-1-8]
«« Web Tests for MOSS Projects
»» Scheduling Montly Report
# 1

Okay, problem solved. It turns out that the problem was with the Web Service Software Factory. I will go and report it as a bug. The problem was that it was searching for the certificate by the Distinguished Subject Name, and only using part of the full subject name.

The code in this post helped me determine what the problem was.

bwaskiewicz at 2007-10-2 > top of Msdn Tech,Visual Studio Orcas,Windows Communication Foundation (Indigo)...
Visual Studio Orcas
Windows Communication Foundation (Indigo)

Visual Studio Orcas Hot Topic

Visual Studio Orcas New Topic

Visual Studio Orcas

Java / MSDN / Linux Tech / PHP Tech / MSDN DotNet / MSDN TECH / Health Library / Programmers Tech / visual basic Tech / Developer Tech / Ipod faqs / Msdn China Tech

Site Classified