WCF: The service certificate is not provided. Specify a service certificate in ServiceCredentials

Question

I'm trying to create a WCF service that uses the MembershipProvider for authentication. Because it is an internal service I'm currently not interested in applying transport level security (HTTPS) and I want to (for now) do this without a certificate. Besides, this will complicate rolling out the service and I wish to do this at a later point in time. I've built a basic configuration (even without configuring the MembershipProvider, but WCF keeps throwing me the following exception:

The service certificate is not provided. Specify a service certificate in ServiceCredentials.

Here's my configuration:

<system.serviceModel>
  <bindings>
    <ws2007HttpBinding>
      <binding name="Service1WS2007HttpBindingConfig">
        <security mode="Message">
          <transport clientCredentialType="None" />
          <message clientCredentialType="UserName" />
        </security>
      </binding>
    </ws2007HttpBinding>
  </bindings>
  <services>
    <service name="WcfService1.Service1">
      <endpoint address="http://localhost:9800/Service1.svc"
        binding="ws2007HttpBinding"
        bindingConfiguration="Service1WS2007HttpBindingConfig"
        contract="WcfService1.IService1" />
    </service>
  </services>
  <behaviors>
    <serviceBehaviors>
      <behavior name="">
        <serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
        <serviceDebug includeExceptionDetailInFaults="false" />
      </behavior>
    </serviceBehaviors>
  </behaviors>
  <serviceHostingEnvironment multipleSiteBindingsEnabled="false">
    <serviceActivations>
      <add relativeAddress="Service1.svc" service="WcfService1.Service1" />
    </serviceActivations>
  </serviceHostingEnvironment>
</system.serviceModel>

Stacktrace of the exception:

[InvalidOperationException: The service certificate is not provided. Specify a service certificate in ServiceCredentials. ]
System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateServerX509TokenProvider() +12382737 System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateLocalSecurityTokenProvider(RecipientServiceModelSecurityTokenRequirement recipientRequirement) +63
System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateSecurityTokenProvider(SecurityTokenRequirement requirement) +48
System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateTlsnegoServerX509TokenProvider(RecipientServiceModelSecurityTokenRequirement recipientRequirement) +191
System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateTlsnegoSecurityTokenAuthenticator(RecipientServiceModelSecurityTokenRequirement recipientRequirement, Boolean requireClientCertificate, SecurityTokenResolver& sctResolver) +683
System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateSecurityTokenAuthenticator(SecurityTokenRequirement tokenRequirement, SecurityTokenResolver& outOfBandTokenResolver) +12383208 System.ServiceModel.Security.SessionRenewSecurityTokenManager.CreateSecurityTokenAuthenticator(SecurityTokenRequirement tokenRequirement, SecurityTokenResolver& outOfBandTokenResolver) +81
System.ServiceModel.Security.SymmetricSecurityProtocolFactory.OnOpen(TimeSpan timeout) +181
System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) +21
System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) +318
System.ServiceModel.Security.SecurityListenerSettingsLifetimeManager.Open(TimeSpan timeout) +94
System.ServiceModel.Channels.SecurityChannelListener`1.OnOpen(TimeSpan timeout) +240
System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) +318
System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(TimeSpan timeout) +72

[InvalidOperationException: The ChannelDispatcher at 'http://localhost:9800/Service1.svc' with contract(s) '"IssueAndRenewSession"' is unable to open its IChannelListener.]
System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(TimeSpan timeout) +118
System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) +318 System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout) +111
System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) +318
System.ServiceModel.Security.SecuritySessionSecurityTokenAuthenticator.OnOpen(TimeSpan timeout) +131
System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) +21
System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) +318
System.ServiceModel.Security.CommunicationObjectSecurityTokenAuthenticator.Open(TimeSpan timeout) +20
System.ServiceModel.Security.SecuritySessionServerSettings.OnOpen(TimeSpan timeout) +792
System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout) +21
System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) +318
System.ServiceModel.Security.SecurityListenerSettingsLifetimeManager.Open(TimeSpan timeout) +148
System.ServiceModel.Channels.SecurityChannelListener`1.OnOpen(TimeSpan timeout) +240
System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) +318
System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(TimeSpan timeout) +72

[InvalidOperationException: The ChannelDispatcher at 'http://localhost:9800/Service1.svc' with contract(s) '"IService1"' is unable to open its IChannelListener.]
System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(TimeSpan timeout) +118
System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) +318 System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout) +111
System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) +318
System.ServiceModel.HostingManager.ActivateService(String normalizedVirtualPath) +206
System.ServiceModel.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath) +651

[ServiceActivationException: The service '/Service1.svc' cannot be activated due to an exception during compilation. The exception message is: The ChannelDispatcher at 'http://localhost:9800/Service1.svc' with contract(s) '"IService1"' is unable to open its IChannelListener..]
System.Runtime.AsyncResult.End(IAsyncResult result) +688590
System.ServiceModel.Activation.HostedHttpRequestAsyncResult.End(IAsyncResult result) +190
System.ServiceModel.Activation.HostedHttpRequestAsyncResult.ExecuteSynchronous(HttpApplication context, String routeServiceVirtualPath, Boolean flowContext, Boolean ensureWFService) +234
System.ServiceModel.Activation.HttpModule.ProcessRequest(Object sender, EventArgs e) +359
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +148 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75

What is wrong with my configuration and how can I solve this?

Answer 1

You need to sign the service with a certificate. You can do this by adding the following to the configuration:

<serviceBehaviors>
    <behavior name="">
        <serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
        <serviceDebug includeExceptionDetailInFaults="false" />

        *<serviceCredentials>
            <serviceCertificate findValue="certificatename" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
        </serviceCredentials>*
     </behavior>
</serviceBehaviors>

Where certificatename is the name of your certificate. To create a certificate you can look here: Create a self signed certificate