Stack Overflow
Stack Overflow

Questions tagged [transport-security]

52 questions
28
votes
9 answers

The authentication schemes configured on the host ('Anonymous') do not allow those configured on the binding 'BasicHttpBinding' ('Negotiate').

The authentication schemes configured on the host ('Anonymous') do not allow those configured on the binding 'BasicHttpBinding' ('Negotiate'). Please ensure that the SecurityMode is set to Transport or TransportCredentialOnly. Additionally, this…
Harsha
  • 831
  • 1
  • 9
  • 16
11
votes
2 answers

One way SSL is one way encryption?

If one way SSL is used (Server Certificate authentication) then data sent from client gets encrypted using Public key of the server certificate. So privacy protection is available for data sent from client. My questions are Does this mean that in…
ideafountain
  • 276
  • 2
  • 3
  • 7
9
votes
4 answers

Authentication a WCF Request via Client Certificate over HTTPS

I've been struggling with the configuration for this blasted WCF service for the past week, and I'm slowing beginning to suspect that what I'm trying to do is just not possible, despite the documentation. Quite simply, I want to have a WCF service…
Chris B. Behrens
  • 6,255
  • 8
  • 45
  • 71
8
votes
1 answer

The HTTP request was forbidden with client authentication scheme 'Anonymous'

This seams to be a common problem, and I have looked at all the answers here but none have helped. I am trying to get SSL to work with basichttpbinding and WCF service hosted on iis. I think the problem is in iis or with the certificates. I have…
Zeezer
  • 1,503
  • 2
  • 18
  • 33
7
votes
0 answers

SecurityNegotiationException: A Call to SSPI Failed

I have a WCF webservice using a NetTcpBinding with Transport security and the clientCredientialType set to none. I have no identity specified on the endpoint using this binding. Every attempt made to call a method on the service results in the…
Sjblack
  • 695
  • 4
  • 14
6
votes
3 answers

Is Transport security a bad practice for the WCF service over the Internet?

I have a WCF service accessible over the Internet. It has wsHttpBinding binding and message security mode with username credentials to authenticate clients. The msdn says that we should use message security for the Internet scenarios, because it…
Sergey Smelov
  • 1,081
  • 3
  • 14
  • 26
6
votes
1 answer

wsHttpbinding with TransportWithMessageCredential and windows authentication

I have an IIS hosted WCF service with the following binding configuration (I removed all the attributes from the binding for space) for wsHttpBinding and TransportWithMessageCredential
Sjblack
  • 695
  • 4
  • 14
5
votes
1 answer

TLS 1.2 on Windows Server 2003 and XP

I have WCF service hosted on IIS which uses transport security. I need to restrict the TLS version to 1.2. I found that TLS 1.2 is supported on Windows Server 2008 and Windows 7. Can I restrict the usage of TLS to version 1.2 for Windows Server…
cvlad
  • 608
  • 1
  • 6
  • 17
4
votes
2 answers

How do I make use of SSLSetALPNProtocols?

I'm working on a TLS library for the vapor project and am supporting both Apple's (Transport-)Security and OpenSSL for use in an HTTP/2 client and server. On this line of code I'm trying to call SSLSetALPNProtocols. Regardless of my approach, I'm…
JoannisO
  • 875
  • 7
  • 13
3
votes
1 answer

How do I setup Client and Server Certificates for WCF Transport Security?

My scenario: I have a public facing web app hosted on Amazon EC2 servers. I have a self-hosted database server behind a firewall. I have self-hosted Web Service servers with a web service for data access. I want to allow only applications I approve…
kfoster
  • 1,623
  • 2
  • 11
  • 11
3
votes
2 answers

WCF 4 - TransportWithMessageCredential using X.509 certificates for transport and message security

I'm trying to make a WCF4 service hosted on IIS which will use X.509 certificates for message security and SSL with required mutual authentication for transport security (project specification requires the use of WS-Security AND SSL, AFAIK only one…
Boris B.
  • 4,933
  • 1
  • 28
  • 59
3
votes
1 answer

Classic asp "An error occurred when verifying security for the message." iis7 transport level security

On II7 we host a WCF/asp.net based API. In order to allow users of a classic asp application to connect to the API we had to publish a version we refer to as "transport". This Transport version is written in asp.net too, it points to the same…
scott_lotus
  • 3,171
  • 22
  • 51
  • 69
3
votes
0 answers

Diffie-Hellman min key size for different browsers

I am interested in whether there is somewhere described what is the min size of Diffie-Hellman key that is supported for each browser. As I know modern browsers don't allow this key to be downgraded to 512 key size. As example latest chrome is…
user1459144
  • 4,439
  • 5
  • 28
  • 35
3
votes
1 answer

WCF - Does Transport Security only work for Intranet Scenario?

I would like to secure a WCF service at transport level, however reading this article it says it works for a Intranet scenario: http://msdn.microsoft.com/en-us/library/ff648863.aspx "Use transport security in the following scenarios: You are…
Alberto Montellano
  • 5,886
  • 7
  • 37
  • 53
3
votes
1 answer

Transport Layer Security boost sockets

Does anyone know how to implement tls using boost sockets ? I have implemented ssl but I would not mind extending it to tls.
gda2004
  • 718
  • 13
  • 32
1
2 3 4