
I am having problems with a WCF Service which is being authenticated via certificate. The error I get is: "Identity check failed for outgoing message. The expected DNS identity of the remote endpoint was xxx...."

I have seen lots of posts about this and all of them say set the dns as the name / subject of the certificate.

<identity>
  <dns value="WcfServer" />
</identity>

I have tried this and it does not work. What else can I do?

Luke

Luke Wilkinson

2 Answers


The DNS name should match the Common Name (CN) of the certificate.

See this other thread, which is similar: "Why does WCF complain over identity check failure?"

Community
rpwhite

You can check the WSDL file of the service. It'll show you the identity expected by the service under the <Identity> element. For example:

<wsdl:service name="CalculatorService">
  <wsdl:port name="WSHttpBinding_ICalculator_Windows"
    binding="tns:WSHttpBinding_ICalculator_Windows">
    <soap12:address 
      location=
      "http://localhost:8003/servicemodelsamples/service/upnidentity" />
    <wsa10:EndpointReference>
      <wsa10:Address>
        http://localhost:8003/servicemodelsamples/service/upnidentity
      </wsa10:Address>
      <Identity  
        xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity">
        <Upn>username@contoso.com</Upn>
      </Identity>
    </wsa10:EndpointReference>
  </wsdl:port>
</wsdl:service>

Based on the identity chosen by the service, you can set it in the client endpoint.

HTH, Amit

amit
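The WSDL check described in the answer above can be scripted. This is an added example, not part of the original posts: it reads the identity a service publishes in its WSDL, renders the matching client `<identity>` block, and flags a client setting that differs. The function names are hypothetical, the sample WSDL is constructed from the fragment above with namespace declarations added, only `Dns`, `Upn` and `Spn` identities are handled, and the case-insensitive comparison is a simplifying assumption.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import quoteattr

WSDL_NS = "http://schemas.xmlsoap.org/wsdl/"
IDENTITY_NS = "http://schemas.xmlsoap.org/ws/2006/02/addressingidentity"
# WSDL identity claim -> element used inside <identity> in the WCF client config
CLIENT_ELEMENT = {"Dns": "dns", "Upn": "userPrincipalName", "Spn": "servicePrincipalName"}

# Constructed sample: the fragment above, with namespaces declared so it parses.
SAMPLE_WSDL = """<wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
    xmlns:wsa10="http://www.w3.org/2005/08/addressing">
  <wsdl:service name="CalculatorService">
    <wsdl:port name="WSHttpBinding_ICalculator_Windows">
      <wsa10:EndpointReference>
        <wsa10:Address>http://localhost:8003/servicemodelsamples/service/upnidentity</wsa10:Address>
        <Identity xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity">
          <Upn>username@contoso.com</Upn>
        </Identity>
      </wsa10:EndpointReference>
    </wsdl:port>
  </wsdl:service>
</wsdl:definitions>"""

def expected_identities(wsdl_text):
    """Return (port name, claim type, value) for every identity the WSDL publishes."""
    # Parse only WSDL fetched from a service you operate or trust.
    root = ET.fromstring(wsdl_text)
    found = []
    for port in root.iter(f"{{{WSDL_NS}}}port"):
        for identity in port.iter(f"{{{IDENTITY_NS}}}Identity"):
            for claim in identity:
                kind = claim.tag.split("}")[-1]  # strip the namespace
                found.append((port.get("name"), kind, (claim.text or "").strip()))
    return found

def client_identity_xml(kind, value):
    """Render the matching <identity> block for the client endpoint configuration."""
    if kind not in CLIENT_ELEMENT:
        raise ValueError(f"identity type {kind!r} is not handled by this example")
    return f"<identity>\n  <{CLIENT_ELEMENT[kind]} value={quoteattr(value)} />\n</identity>"

def mismatches(wsdl_text, configured_kind, configured_value):
    """List ports whose published identity differs from the client's setting."""
    return [(port, kind, value) for port, kind, value in expected_identities(wsdl_text)
            if (kind, value.lower()) != (configured_kind, configured_value.lower())]

if __name__ == "__main__":
    for port, kind, value in expected_identities(SAMPLE_WSDL):
        print(f"{port} expects {kind}={value}\n{client_identity_xml(kind, value)}")
```

A non-empty result from `mismatches` means the client's `<identity>` type or value differs from what the service publishes, which is the condition the identity check rejects.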