Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

WCF Error "Found multiple X.509 certificates using search criteria"

I receive following error when I try accessing a WCF service hosted on our staging server.

"Found multiple X.509 certificates using the following search criteria: StoreName 'My', StoreLocation 'LocalMachine', FindType 'FindBySubjectName', FindValue 'StagingServer001'. Provide a more specific find value."

I try to access the following URL and get above error:

http://stagingserver001/MyService1.svc

Could anyone please guide me how can I find the certificate in the store to delete it? Or what changes I need in configurations of WCF

Please find below the the relevant code taken from web.config of the WCF service

<behaviors>
      <endpointBehaviors>
        <behavior name="endpointCredentialBehavior">
          <clientCredentials>
            <clientCertificate findValue="SPLEBUSSTG02" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
            <serviceCertificate>
              <defaultCertificate findValue="772f3fdf2496c9750be3b0713003b47b15dfde96" storeLocation="LocalMachine" storeName="My" x509FindType="FindByThumbprint" />
              <authentication certificateValidationMode="PeerOrChainTrust" />
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
      <serviceBehaviors>
        <behavior name="SecurityBehavior">
          <serviceMetadata httpGetEnabled="True"  />
          <serviceDebug includeExceptionDetailInFaults="false" />
          <serviceCredentials>
            <serviceCertificate findValue="772f3fdf2496c9750be3b0713003b47b15dfde96" storeLocation="LocalMachine" storeName="My" x509FindType="FindByThumbprint" />
            <clientCertificate>
              <certificate findValue="SPLEBUSSTG02" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
              <authentication certificateValidationMode="PeerOrChainTrust" />
            </clientCertificate>
          </serviceCredentials>
        </behavior>
        <behavior>
          <!-- To avoid disclosing metadata information, set the values below to false before deployment -->
          <serviceMetadata httpGetEnabled="false" httpsGetEnabled="false" />
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="false" />
          <ServiceErrorHandler />
        </behavior>
      </serviceBehaviors>

    </behaviors>
like image 763
Nirman Avatar asked Dec 16 '13 10:12

Nirman


People also ask

How to authenticate client certificates in WCF?

Let’s open the web.config file of the WCF service and enter two important things: Where the certificate is stored, location, and how the WCF application should find it. This is defined using the serviceCertificate tag as shown in the below snippet. certificationvalidationmode defines how the client certificates will be authenticated.

How are application errors handled in WCF?

Application errors occur during the execution of a service operation. Errors of this kind are sent to the client as FaultException or FaultException<TDetail>. Error handling in WCF is performed by one or more of the following: Directly handling the exception thrown. This is only done for communication and proxy/channel errors.

How do you handle client exceptions in WCF?

Utilize fault contracts to provide more robust client exceptions. Anytime an exception is thrown within your application, you should log it to help troubleshoot application problems. Let’s cover a couple of ways to accomplish this so that you can track all WCF exceptions occurring in your application.

What is the difference between WCF retrace and unhandled exceptions?

This includes unhandled exceptions in WCF but can also include all thrown exceptions, or first chance exceptions. Retrace does this via the robust code level profiling that it implements. It allows you to get detailed performance details about your application, including exceptions being thrown.


1 Answers

I think you problem in certificate store. please do the following:

  1. run mmc
  2. menu file/Add Remove Snap-In
  3. from the treeview select certificates, than select radiobox Local computer
  4. Certificates(local computer)/Personal/certificates
  5. look through all certificates listed there. there should be a dublication. (if the duplication is not visible right on the first look, double click on each certificate, go to Detatis tab, find the Subject property) enter image description here

Get rid of duplication if possible. in other case define FindByThumbprint criteria in your config

like image 51
Yaugen Vlasau Avatar answered Sep 21 '22 02:09

Yaugen Vlasau