Secure channel cannot be opened because security negotiation with the remote endpoint has failed. RRS feed

  • Question

  • Hi Team,

    Am trying to consume same WCF Service which hosted in two different environment(QA and UAT). QA service is workign fine, But UAT Service throws this error,

    Secure channel cannot be opened because security negotiation with the remote endpoint has failed. 
    This may be due to absent or incorrectly specified EndpointIdentity in the EndpointAddress used to create the channel. 
    Please verify the EndpointIdentity specified or implied by the EndpointAddress correctly identifies the remote endpoint.

    Inner Exception says : The request for security token has invalid or malformed elements.

    Configuration of the Service :

        <binding name="WsHttpBinding_IAssociateInformationService" closeTimeout="00:10:00"
         openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00"
         bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
         maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text"
         textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
          <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647"
          maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
          <reliableSession ordered="true" inactivityTimeout="00:10:00"
          enabled="false" />
          <security mode="Message">
            <transport clientCredentialType="Windows" proxyCredentialType="None"
            realm="" />
            <message clientCredentialType="Windows" negotiateServiceCredential="true" establishSecurityContext="false"
            algorithmSuite="Default" />

    Configuration of Application which consumes service :

     <endpoint address="http://edmx-ews-qa.hp.local/AssociateInformationService.svc"
            binding="wsHttpBinding" bindingConfiguration="WsHttpBinding_IAssociateInformationServiceClient1"
            contract="ServiceReference2.IAssociateInformationService" name="WsHttpBinding_IAssociateInformationServiceClient1">
              <userPrincipalName value="svcADMSApplWebServQA@sps.local" />

    Have tried various combination of Security Mode as Message with and without transport and message attributes. Nothing is working in UAT environment. Same service is running and establishing the connection in QA environment. What difference is causing the issue, couldn't figure it out. Any suggestion to resolve will be helpful....

    Wednesday, December 27, 2017 7:04 AM

All replies

  • Hi SHINY5,

    How did you generate client code for UAT?

    What do you mean by UAT?

    I suggest you try VS feature for Svcutil.exe to generate client code, and update Service Reference if you change anything in service side.

    Best Regards,

    Tao Zhou

    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact

    Thursday, December 28, 2017 5:13 AM