Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

WCF Client Certificate stopped working

After following a few MSDN articles I had client certificates and user name passwords working for my WCF service. The client required a certificate and a username and password to access my service.

Recently, the certificate stopped working, I can access the service without supplying the client certificate. I am using SOAP UI to test the client. Normally I have to add the client cert to the key store and then specify which key to use for the request.

Recently I set up a test and I didn't have to supply the client cert. Nothing in my conifg changed. Do I have the set up properly?

Thank you.

My Binding Config:

 <wsHttpBinding>
        <binding name="BasicBinding">
          <security mode="TransportWithMessageCredential">
            <transport clientCredentialType="Certificate" />
            <message clientCredentialType="UserName" negotiateServiceCredential="false" establishSecurityContext="false" />

          </security>

        </binding>
      </wsHttpBinding>

My Service:

<service behaviorConfiguration="APIServiceBehaviour" name="Service">
        <endpoint address="api" binding="wsHttpBinding" bindingConfiguration="BasicBinding" name="soap-api" bindingNamespace="https://myserver.com" contract="IAIService" />
        <host>
          <baseAddresses>
            <add baseAddress="https://myserver.com" />
          </baseAddresses>
        </host>
      </service>

The Behavior:

      <serviceAuthorization principalPermissionMode="Custom">
        <authorizationPolicies>
          <add policyType="MyAuthorizationPolicy,MyProject" />
        </authorizationPolicies>
      </serviceAuthorization>

      <serviceCredentials>

        <serviceCertificate findValue="tempSClient" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
        <userNameAuthentication userNamePasswordValidationMode="Custom" includeWindowsGroups="false" customUserNamePasswordValidatorType="MyProject.UserAuth,MyProject" />
      </serviceCredentials>

    </behavior>
like image 953
Allan Avatar asked Apr 21 '16 12:04

Allan


People also ask

What is a WCF certificate?

To program Windows Communication Foundation (WCF) security, X. 509 digital certificates are commonly used to authenticate clients and servers, encrypt, and digitally sign messages.

Where are x509 certificates stored?

Certificates stores are kept in the system registry under the keys HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates and HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates.

What are certificates in Windows 10?

Certificates are based on public key cryptography, which uses public and private keys to verify subject identities, as well as to encrypt and decrypt data. Each certificate contains the public key from the subject's private and public key pair. The subject retains the private key in its own secure environment.

What are computer certificates used for?

Also known as computer certificates,machine certificates (as the name implies) give the system—instead of the user—the capability to do something out of the ordinary. The main purpose for machine certificates is authentication, both client-side and server-side.


1 Answers

The certificates have an expiration date. Did you check you certificate in certmgr.msc ?

like image 104
Philippe Matray Avatar answered Oct 13 '22 02:10

Philippe Matray