WCF/WF - Error in App.config - Asked By Shilpa Sharma on 04-Aug-10 08:45 AM


Today I was trying my first WCF application and got the following error for one of my service
"Cannot load the X.509 certificate identity specified in the configuration."

When I googled for this error, I found that x509FindType (within identity tag) should be set as "FindBySubjectDistinguishedName". My app.config has the same value, but still it is giving me the same error. Sharing the code of app.config, Please suggest me what should be the necessary changes to be done to get rid of this error and make my 1st WCF application work

<?xml version="1.0" encoding="utf-8" ?>
    <compilation debug="true" />
  <!-- When deploying the service library project, the content of the config file must be added to the host's 
  app.config file. System.Configuration does not support config files for libraries. -->
      <service behaviorConfiguration="EvalService.Service1Behavior"
        <clear />
        <endpoint binding="wsHttpBinding" contract="EvalService.IEvalService"
            <dns value="localhost" />
            <certificateReference storeName="My" storeLocation="LocalMachine"
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"
            <certificateReference storeName="My" storeLocation="LocalMachine"
              x509FindType="FindBySubjectDistinguishedName" />
            <add baseAddress="http://localhost:8080/EvalService.svc" />
        <behavior name="EvalService.Service1Behavior">
          <!-- To avoid disclosing metadata information, 
          set the value below to false and remove the metadata endpoint above before deployment -->
          <serviceMetadata httpGetEnabled="True"/>
          <!-- To receive exception details in faults for debugging purposes, 
          set the value below to true.  Set to false before deployment 
          to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="False" />

Web Star replied to Shilpa Sharma on 04-Aug-10 08:58 AM
Hi All,
I faced the same problem and this is what worked for me:

 <endpoint address="ws" binding="wsHttpBinding" contract="EvalServiceLibrary.IEvalService"
        <dns value="localhost" />
        <certificateReference storeName="My" storeLocation="LocalMachine"
        x509FindType="FindBySubjectDistinguishedName" />

Add the dns value tag within the identity tag. (marked above in bold)
the default value can be empty string. (<dns value="" /> )

The <certificateReference> element, contained inside the <identity> element, must contain a findValue attribute specifying the "value to search for in the X.509 certificate store" (see http://msdn.microsoft.com/en-us/library/ms731383.aspx).
Shilpa Sharma replied to Web Star on 04-Aug-10 09:06 AM
Hi web Star,

I have already tried the following two option but in either case I am getting the error.
  • <dns value="" />
  • <dns value="localhost" />

Error is:
HTTP could not register URL http://+:8080/EvalService.svc/. Your process does not have access rights to this namespace (see http://go.microsoft.com/fwlink/?LinkId=70353 for details). ---> System.Net.HttpListenerException: Access is denied

Thx in Adavnce