WCF trying to bind to ssl in self host

[sathenzar]

So I am pretty stuck here. I've always been able to host WCF apps with no problem over http. I can setup https WCF apps in IIS. But when I'm trying to use a self hosted https wcf app this has been nothing but a nightmare. I am running both the client and self hosted service on the same computer. Also, the service opens each time I run it with no errors. It's reported state is open. When I try to connect with the client (which is activating the service via channel factories) it crashes with the SSL/TLS error as described below. I've been at this for about 2 days now and can't get it to work :(

 

I have tried following several guides such as (but not limited to) the ones here: http://blogs.msdn.com/b/james_osbornes_blog/archive/2010/12/10/selfhosting-a-wcf-service-over-https.aspx as well as here: http://msdn.microsoft.com/en-us/library/ms733791.aspx. The first document I follow it to the letter and at the end when the author says "And that's it! now we can call the program and it will invoke the service" it doesn't. It gives me an error: "Could not establish trust relationship for the SSL/TLS secure channel".

 

So I tried a slightly different approach upon coming on to the second article. I tried to use an existing certification already listed for my server (which is stored under personal certifcations). I copied the thumbprint and registered it with the port creating my own app id. That didn't work so I thought well lets try to force the client certificate thumbprint on both the service and the client by specifying the client credentials and looking it up via thumbprint like so:

factory.Credentials.ClientCertificate.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine, System.Security.Cryptography.X509Certificates.StoreName.My,

                    System.Security.Cryptography.X509Certificates.X509FindType.FindByThumbprint, "f80e16f75e805b951e6099979f6dcea56bce3273");

I still get the same results. What am I missing? Here is the code for both the service and the client.

 

Client:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.ServiceModel;
using HttpsSelfHost;
 
namespace ConsoleApp4
{
    class Program
    {
        static void Main(string[] args)
        {
            string address = "https://localhost:8007/HelloWorldSvc";
            WSHttpBinding binding = new WSHttpBinding();
            binding.Security.Mode = SecurityMode.Transport;
            binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
 
            try
            {
                ChannelFactory<IHelloWorldSvc> factory = new ChannelFactory<IHelloWorldSvc>(binding, address);
                factory.Credentials.ClientCertificate.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine, System.Security.Cryptography.X509Certificates.StoreName.My,
                    System.Security.Cryptography.X509Certificates.X509FindType.FindByThumbprint, "f80e16f75e805b951e6099979f6dcea56bce3273");
                IHelloWorldSvc client = factory.CreateChannel();
                Console.WriteLine("Invoking service.");
                string str = client.HelloWorld();
                Console.WriteLine("Returned: {0}", str);
            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.ToString());
            }
            Console.WriteLine("Press enter to quit.");
            Console.ReadLine();
        }
    }
}

Service:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.ServiceModel;
 
namespace HttpsSelfHost
{
    class Program
    {
        static void Main(string[] args)
        {
            string address = "https://localhost:8007/HelloWorldSvc";
            WSHttpBinding binding = new WSHttpBinding();
            binding.Security.Mode = SecurityMode.Transport;
            binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
            using (ServiceHost host = new ServiceHost(typeof(HelloWorldSvc)))
            {
                host.AddServiceEndpoint(typeof(IHelloWorldSvc), binding, address);
                host.Credentials.ClientCertificate.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine, System.Security.Cryptography.X509Certificates.StoreName.My,
                    System.Security.Cryptography.X509Certificates.X509FindType.FindByThumbprint, "f80e16f75e805b951e6099979f6dcea56bce3273");
                host.Open();
 
                Console.WriteLine("Host is: {0}. Press enter to close.", host.State);
                Console.ReadLine();
                host.Close();
            }
        }
    }
}
 

[sathenzar]

Good God today was the most embarrassing moment in my programming career. I finally figured out what the problem was. It was b/c the hash the server was using and my client hash was the same, just the client hash I put in was lower case, the server expected it to be upper case >< Good God can we please delete this thread?

[Kami-]

Nope; this'll be here to embarass you for life.

[barbary]

On the plus side it means the code you posted here works and will be here for others.

 

We have all made those mistakes.  I've got some corkers.

[Andre S. Veteran]

As dumb as your mistake may be, someone is bound to run into the same problem some day and will be glad to find this information.