WCF trying to bind to ssl in self host


Question

So I am pretty stuck here. I've always been able to host WCF apps with no problem over HTTP. I can set up HTTPS WCF apps in IIS. But when I try to use a self-hosted HTTPS WCF app, it has been nothing but a nightmare. I am running both the client and the self-hosted service on the same computer. Also, the service opens each time I run it with no errors. Its reported state is open. When I try to connect with the client (which is activating the service via channel factories), it crashes with the SSL/TLS error as described below. I've been at this for about 2 days now and can't get it to work :(

 

I have tried following several guides such as (but not limited to) the ones here: http://blogs.msdn.com/b/james_osbornes_blog/archive/2010/12/10/selfhosting-a-wcf-service-over-https.aspx as well as here: http://msdn.microsoft.com/en-us/library/ms733791.aspx. I followed the first document to the letter, and at the end, when the author says "And that's it! now we can call the program and it will invoke the service", it doesn't. It gives me an error: "Could not establish trust relationship for the SSL/TLS secure channel".

 

So I tried a slightly different approach upon coming on to the second article. I tried to use an existing certification already listed for my server (which is stored under personal certifications). I copied the thumbprint and registered it with the port, creating my own app id. That didn't work, so I thought, well, let's try to force the client certificate thumbprint on both the service and the client by specifying the client credentials and looking it up via thumbprint like so:

factory.Credentials.ClientCertificate.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine, System.Security.Cryptography.X509Certificates.StoreName.My,
                    System.Security.Cryptography.X509Certificates.X509FindType.FindByThumbprint, "f80e16f75e805b951e6099979f6dcea56bce3273");
I still get the same results. What am I missing? Here is the code for both the service and the client.
 
Client:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.ServiceModel;
using HttpsSelfHost;
 
namespace ConsoleApp4
{
    class Program
    {
        static void Main(string[] args)
        {
            string address = "https://localhost:8007/HelloWorldSvc";
            WSHttpBinding binding = new WSHttpBinding();
            binding.Security.Mode = SecurityMode.Transport;
            binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
 
            try
            {
                ChannelFactory<IHelloWorldSvc> factory = new ChannelFactory<IHelloWorldSvc>(binding, address);
                factory.Credentials.ClientCertificate.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine, System.Security.Cryptography.X509Certificates.StoreName.My,
                    System.Security.Cryptography.X509Certificates.X509FindType.FindByThumbprint, "f80e16f75e805b951e6099979f6dcea56bce3273");
                IHelloWorldSvc client = factory.CreateChannel();
                Console.WriteLine("Invoking service.");
                string str = client.HelloWorld();
                Console.WriteLine("Returned: {0}", str);
            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.ToString());
            }
            Console.WriteLine("Press enter to quit.");
            Console.ReadLine();
        }
    }
}
Service:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.ServiceModel;
 
namespace HttpsSelfHost
{
    class Program
    {
        static void Main(string[] args)
        {
            string address = "https://localhost:8007/HelloWorldSvc";
            WSHttpBinding binding = new WSHttpBinding();
            binding.Security.Mode = SecurityMode.Transport;
            binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
            using (ServiceHost host = new ServiceHost(typeof(HelloWorldSvc)))
            {
                host.AddServiceEndpoint(typeof(IHelloWorldSvc), binding, address);
                host.Credentials.ClientCertificate.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine, System.Security.Cryptography.X509Certificates.StoreName.My,
                    System.Security.Cryptography.X509Certificates.X509FindType.FindByThumbprint, "f80e16f75e805b951e6099979f6dcea56bce3273");
                host.Open();
 
                Console.WriteLine("Host is: {0}. Press enter to close.", host.State);
                Console.ReadLine();
                host.Close();
            }
        }
    }
}
 

4 answers to this question

Good God, today was the most embarrassing moment in my programming career. I finally figured out what the problem was. It was because the hash the server was using and my client hash were the same, just the client hash I put in was lower case and the server expected it to be upper case >< Good God, can we please delete this thread?

This topic is now closed to further replies.
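
An added example, not part of the original thread or either poster's code: a small C# helper that canonicalizes a thumbprint string before it is used anywhere, so letter case, spaces and invisible characters copied from the certificate dialog cannot cause a mismatch, and then reports whether the certificate is usable. The class and method names are hypothetical; the thumbprint is the one quoted in the question.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography.X509Certificates;

static class ThumbprintCheck   // hypothetical helper, not from the thread
{
    // Keep only hex digits and upper-case them, so spaces, case differences and
    // invisible characters picked up when copying the value are discarded.
    public static string Normalize(string raw)
    {
        if (raw == null) throw new ArgumentNullException(nameof(raw));
        string hex = new string(raw.Where(c => Uri.IsHexDigit(c)).ToArray()).ToUpperInvariant();
        if (hex.Length != 40)   // SHA-1 thumbprint = 20 bytes = 40 hex digits
            throw new FormatException("Expected 40 hex digits, got " + hex.Length);
        return hex;
    }

    // Enumerate LocalMachine\My and compare thumbprints case-insensitively.
    public static X509Certificate2 Find(string rawThumbprint)
    {
        string wanted = Normalize(rawThumbprint);
        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            return store.Certificates.Cast<X509Certificate2>().FirstOrDefault(
                c => string.Equals(c.Thumbprint, wanted, StringComparison.OrdinalIgnoreCase));
        }
        finally { store.Close(); }
    }

    static void Main()
    {
        // Thumbprint from the question, written with spaces to show they are ignored.
        X509Certificate2 cert = Find("f8 0e 16 f7 5e 80 5b 95 1e 60 99 97 9f 6d ce a5 6b ce 32 73");
        if (cert == null)
        {
            Console.WriteLine("No certificate with that thumbprint in LocalMachine\\My.");
            return;
        }
        Console.WriteLine("Subject:         {0}", cert.Subject);
        Console.WriteLine("Thumbprint:      {0}", cert.Thumbprint);
        Console.WriteLine("Has private key: {0}", cert.HasPrivateKey);
        // Verify() builds the chain with the default policy on this machine.
        Console.WriteLine("Chain valid:     {0}", cert.Verify());
    }
}
```

Passing the value returned by `Normalize` to every place the thumbprint is configured keeps the client, the service and the port binding on one canonical spelling of the same hash.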