0

"The service certificate is not provided. Specify a service certificate in ServiceCredentials." is what I see when I point my browser to the svc file address

as you can see below, my serviceCredentials section is commented (it's just an example from some book), since I don't want any certificate. But apparently I can't avoid it... what can I do ?

I can't use basicHttpBinding because I want sessions support

my binding:

<wsHttpBinding>
   <binding name="BindingToViewer" sendTimeout="00:25:00">
      <security mode="Message">
         <message clientCredentialType = "None"/>
      </security>
   </binding>
</wsHttpBinding>

my service:

<service name="SomeNs.Whatever.ServName" behaviorConfiguration="NoPrinPermMode">
   <endpoint address="" binding="wsHttpBinding"
                   bindingConfiguration="BindingToViewer"
                   contract="SomeNs.Whatever.IMyInterface">
      <identity>
         <dns value="localhost" />
      </identity>
   </endpoint>
   <host>
      <baseAddresses>
         <add baseAddress="https://localhost/"/>
      </baseAddresses>
   </host>
</service>

my service behaviors:

<serviceBehaviors>
   <behavior name="NoPrinPermMode">
      <serviceMetadata httpGetEnabled="True" httpsGetEnabled="True" />
      <serviceDebug includeExceptionDetailInFaults="true" />
      <dataContractSerializer maxItemsInObjectGraph="2147483646"/>
      <serviceAuthorization principalPermissionMode="None" />
      <!--<serviceCredentials>
         <serviceCertificate
            findValue = "MyServiceCert"
            storeLocation = "LocalMachine"
            storeName = "My"
            x509FindType = "FindBySubjectName"/>
      </serviceCredentials>-->
   </behavior>
</serviceBehaviors>
Community
  • 1
  • 1
Tar
  • 8,529
  • 9
  • 56
  • 127

2 Answers2

1

Do not use https in base address:

<add baseAddress="https://localhost/"/>

use instead:

<add baseAddress="http://localhost/"/>

and remove httpsGetEnabled:

<serviceMetadata httpGetEnabled="True" httpsGetEnabled="True" />

to:

<serviceMetadata httpGetEnabled="True" />

and remove identity as you do not need to authentificate service

      <identity>
     <dns value="localhost" />
  </identity>

edit remove also 

 <security mode="Message">
    <message clientCredentialType = "None"/>
  </security>
vitaliy zadorozhnyy
  • 1,226
  • 10
  • 12
  • 1
    changed to `http` (removed `https`), removed `httpsGetEnabled="True"`, removed the `identity` tag. Still same problem – Tar Sep 13 '13 at 20:01
  • But then I use `Windows` authentication, which I don't want. I'm using my own combination of user-name, password and some token – Tar Sep 13 '13 at 20:36
1

You have configured message security in WSHttpBinding which implies your service must supply a certificate (unless you use windows auth). The question is what kind of security you need if at all?

Yaron Naveh
  • 23,560
  • 32
  • 103
  • 158
  • I need session support and message encryption (simple RSA, public-private keys). I have my own username-password-some token authentication – Tar Sep 13 '13 at 20:53
  • if you want to use RSA then you must have an x.509 certificate for the server – Yaron Naveh Sep 13 '13 at 21:00