I am working on a WCF service and client. Both work well when they are on the same machine, using the same certificate (and also when I use one certificate for the client and one for the server). But when I deploy the service to IIS (as part of a website), I get a vague error that gives me nothing to search for, and I don't know what else to look at. All certificates are in place. The error is: "An unsecured or incorrectly secured fault was received from the other party".
Server Config (ServiceModel part)
<!-- Service-side WCF configuration: one wsHttpBinding endpoint using message-level security with
     X.509 certificates for both the service and the client, plus a metadata (mex) endpoint. -->
<system.serviceModel>
<services>
<service behaviorConfiguration="CertificateServiceBehavior" name="ASPApplication.Service.IncomingDataService">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="IncomingDataBinding"
name="IncomingDataEndpoint" contract="ASPApplication.Service.IIncomingDataService">
<!-- Identity the service advertises; clients compare it with the service certificate. -->
<identity>
<dns value="www.testserver.com" />
</identity>
</endpoint>
<!-- Metadata endpoint: publishes the contract and security policy to any caller that can reach
     the site. Remove it, together with httpGetEnabled below, when clients no longer need it. -->
<endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="CertificateServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<!-- includeExceptionDetailInFaults sends server exception details to the caller; keep it to
     development and switch it off on a reachable host.
     NOTE(review): failures raised inside the message-security layer are normally still reported
     to the client only as a generic fault, so the real cause has to be read from service-side
     tracing or the event log rather than from the fault itself. -->
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<!-- FindBySubjectName is a substring match and can select more than one certificate;
     FindByThumbprint pins exactly one. The account that hosts the service (under IIS, the
     application pool identity) must be able to read this certificate's private key. -->
<serviceCertificate findValue="www.testserver.com"
storeLocation="LocalMachine"
storeName="TrustedPeople"
x509FindType="FindBySubjectName"/>
<clientCertificate>
<!-- PeerOrChainTrust accepts a client certificate that either chains to a trusted root or is
     present in the TrustedPeople store, so every certificate placed in that store is accepted
     without needing a trusted chain. Keep that store tightly controlled.
     NOTE(review): trustedStoreLocation is not set here; it is believed to default to CurrentUser,
     which under IIS is the hosting identity's store and not the developer's. Confirm which store
     is actually consulted on the deployed host. -->
<authentication certificateValidationMode="PeerOrChainTrust" />
</clientCertificate>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
<bindings>
<wsHttpBinding>
<!-- maxBufferPoolSize, maxReceivedMessageSize and maxStringContentLength are set to
     Int32.MaxValue, which removes the limits that bound memory use per message. Size them to the
     largest payload the service really expects. -->
<binding name="IncomingDataBinding" maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="32" maxStringContentLength="2147483647"
maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<!-- Message mode: WS-Security signs and encrypts the SOAP message; the transport itself is not
     protected. negotiateServiceCredential="false" means the client must already hold the service
     certificate, obtained out of band. These settings have to match the client binding.
     NOTE(review): Basic128 relies on SHA-1 based signatures; a SHA-256 suite such as
     Basic256Sha256 is the stronger choice where both ends support it. -->
<security mode="Message">
<message algorithmSuite="Basic128"
clientCredentialType="Certificate"
negotiateServiceCredential="false"
establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>
Client Config (ServiceModel part); the address is hidden on purpose
<!-- Client-side WCF configuration: a wsHttpBinding with message-level certificate security, the
     client and service certificates it uses, and the endpoint it calls. -->
<system.serviceModel>
<bindings>
<wsHttpBinding>
<!-- The size quotas are raised to Int32.MaxValue, which removes the per-message limits on
     memory use; size them to the largest response the client really expects. -->
<binding name="wsHttpBinding_IIncomingDataService" maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="32" maxStringContentLength="2147483647"
maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<!-- Message mode with certificate credentials and no credential negotiation: the client
     encrypts to a service certificate it already holds. These settings have to match the
     binding on the service.
     NOTE(review): Basic128 relies on SHA-1 based signatures; a SHA-256 suite such as
     Basic256Sha256 is the stronger choice where both ends support it. -->
<security mode="Message">
<message clientCredentialType="Certificate" negotiateServiceCredential="false"
algorithmSuite="Basic128" establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="CertificateServiceBehavior">
<clientCredentials>
<!-- Certificate the client authenticates with; the calling process needs read access to its
     private key. It is looked up by the same subject name as the service certificate below. If
     that is one shared certificate, the client machine holds the service's private key and either
     side can impersonate the other, so give the client its own certificate outside test setups.
     FindBySubjectName is a substring match; FindByThumbprint pins exactly one certificate. -->
<clientCertificate findValue="www.testserver.com"
storeLocation="LocalMachine"
storeName="TrustedPeople"
x509FindType="FindBySubjectName"/>
<serviceCertificate >
<!-- Service certificate (public key only is needed) that the client encrypts to because
     negotiateServiceCredential is false. It has to be the same certificate the service loads. -->
<defaultCertificate findValue="www.testserver.com"
storeLocation="LocalMachine"
storeName="TrustedPeople"
x509FindType="FindBySubjectName"/>
<!-- PeerOrChainTrust accepts the service certificate when it either chains to a trusted root or
     is present in the TrustedPeople store, so anything placed in that store is trusted.
     NOTE(review): trustedStoreLocation is not set; it is believed to default to CurrentUser.
     Confirm which store is consulted for the account the client runs under. -->
<authentication certificateValidationMode="PeerOrChainTrust" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<client>
<!-- The address is plain http: with message security the SOAP message is signed and encrypted,
     but the transport itself is not protected. -->
<endpoint address="http://xxx.xxx.xxx.xxx/Services/IncomingDataService.svc"
behaviorConfiguration="CertificateServiceBehavior" binding="wsHttpBinding"
bindingConfiguration="wsHttpBinding_IIncomingDataService" contract="IncomingDataService.IIncomingDataService"
name="wsHttpBinding_IIncomingDataService">
<!-- Expected service identity; the client checks it against the service certificate, so it must
     match that certificate and not the IP address used in the endpoint address. -->
<identity>
<dns value="www.testserver.com" />
</identity>
</endpoint>
</client>
</system.serviceModel>