3

I have a WCF service with the below config file. Even though I have specified clientCredentialType = None, the WCF service (from VS2013), throws exception stating that certificate is not specified.

Why is it so? Shouldn't a certificate be required only if the clientCredentialType is set as Certificate.

<system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <binding>
          <security mode="Message">
            <message clientCredentialType="Windows"/>
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <services>
      <service name="WCFBindingwshttpBinding.Service1">
        <endpoint address="" binding="wsHttpBinding" bindingConfiguration="" contract="WCFBindingwshttpBinding.IService1">
          <identity>
            <dns value="localhost" />
          </identity>
        </endpoint>
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
        <host>
          <baseAddresses>
            <add baseAddress="http://localhost:8733/Design_Time_Addresses/WCFBindingwshttpBinding/Service1/" />
          </baseAddresses>
        </host>
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <!-- To avoid disclosing metadata information, 
          set the values below to false before deployment -->
          <serviceMetadata httpGetEnabled="True" httpsGetEnabled="True"/>
          <!-- To receive exception details in faults for debugging purposes, 
          set the value below to true.  Set to false before deployment 
          to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="False" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
Seymour
  • 7,043
  • 12
  • 44
  • 51
ckv
  • 10,539
  • 20
  • 100
  • 144
  • When do you get the exception, ServiceHost.Open()? Can you include more details around the exception. – Petar Vučetin Feb 26 '14 at 17:06
  • I agree with Petar. Is the exception on the client process, or the server? Is it a self-hosting server, or hosted on something like IIS? – Kevin Anderson Feb 26 '14 at 17:09
  • 1
    Its your binding specification. See [this link](http://stackoverflow.com/questions/10696303/is-transportwithmessagecredential-without-certificate-secure-enough-for-a-wcf-se). – Mark M Feb 26 '14 at 17:19
  • Try just using basicHttpBinding. Also your endpoints are not actually using the bindingConfiguration that is defined above, if that is your intent. See here for a simple example of how to do what I *think* you are attempting: http://stackoverflow.com/questions/7043814/what-is-the-bindingconfiguration-attribute-responsible-for-in-a-basichttpbinding – Bensonius Feb 26 '14 at 18:56
  • Set to None. – Musketyr Feb 27 '14 at 06:52

1 Answers1

2

I think you are getting the error because you have not specified a Server certificate.

As I recall, WCF requires transport level security when using message encryption (<security mode="Message">) in order to securely exchange the “shared secret” and establish the security context. Therefore, since you are using the WSHttpBinding, then the Server certificate is used to establish the security channel.

The following link provides good related information:
WCF message security without certificate and windows auth

Community
  • 1
  • 1
Seymour
  • 7,043
  • 12
  • 44
  • 51