Self Hosted WCF Service error

  • Question

  • Hello, 

    We have a self-hosted WCF service which uses HTTPS with a self-signed certificate, and our testing team has tested that it works on all the machines.

    We use WebHttpBinding with Transport security and ClientCredentialType = "Certificate".

    The scenarios are:

    1. Client: WCF Service to JBoss Server: Works fine

    2. Client: JBoss Server to WCF Service: Doesn't work; all the certificates are present in the root trusted authorities.

    We get a 403 Forbidden error on some customer machines / servers.

    Please help.


    Rathin Padia

    Friday, October 5, 2018 5:07 AM

All replies

  • Hi Rathin,

    From your description, I am not clear about what the scenario exactly is. Would you mind telling me more details about what you did?

    >>All the certificates are present in the root trusted authorities.

    As far as I know, when the server and client use certificates to verify each other's identity, we need to configure the following.

    https://i.stack.imgur.com/8zt10.png

    None: you could put the certificate anywhere.

    PeerTrust: you should put the certificate in the trusted people store.

    ChainTrust: if the chain builds to a certification authority in the trusted root store, then the certification is valid.

    PeerOrChainTrust: the above.

    Custom: we should specify the custom x509validator class which implements the System.IdentityModel.Selectors.X509CertificateValidator manually.

    In short, we manually specify that the client and server verify the certificate with

    System.ServiceModel.Security.X509CertificateValidationMode.None

    to ensure that it is not a matter of authentication or authorization.

    Best Regards

    Abraham.

    Tuesday, October 16, 2018 10:00 AM
    Moderator
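
An added example, not part of the original thread: a self-hosted WebHttpBinding service like the one in the question, wired to the Custom validation mode from the reply, with a validator that logs the chain status of the client certificate before rejecting it. The contract, address, and class names are hypothetical, and the code assumes .NET Framework 4.6 or later.

```csharp
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;
using System.ServiceModel.Web;

[ServiceContract]
public interface IPing { [OperationContract, WebGet(UriTemplate = "ping")] string Ping(); }
public class PingService : IPing { public string Ping() { return "ok"; } }
// Hypothetical validator: builds the chain with the default X509Chain policy and
// logs every chain status, so the reason for a rejection is visible on the server.
public class LoggingChainValidator : X509CertificateValidator
{
    public override void Validate(X509Certificate2 certificate)
    {
        using (var chain = new X509Chain())
        {
            bool ok = chain.Build(certificate);
            Console.WriteLine("Client cert {0} [{1}] issuer={2} chainOk={3}",
                certificate.Subject, certificate.Thumbprint, certificate.Issuer, ok);
            foreach (X509ChainStatus s in chain.ChainStatus)
                Console.WriteLine("  {0}: {1}", s.Status, s.StatusInformation.Trim());
            if (!ok)
                throw new SecurityTokenValidationException("Client certificate chain is not trusted.");
        }
    }
}

public static class Program
{
    public static void Main()
    {
        var binding = new WebHttpBinding(WebHttpSecurityMode.Transport);
        binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
        // Assumed address; a self-hosted HTTPS endpoint also needs the server
        // certificate bound to this port beforehand (netsh http add sslcert).
        using (var host = new WebServiceHost(typeof(PingService), new Uri("https://localhost:8443/")))
        {
            host.AddServiceEndpoint(typeof(IPing), binding, "");
            var auth = host.Credentials.ClientCertificate.Authentication;
            auth.CertificateValidationMode = X509CertificateValidationMode.Custom;
            auth.CustomCertificateValidator = new LoggingChainValidator();
            host.Open();
            Console.ReadLine(); // keep the host alive until Enter is pressed
        }
    }
}
```

Unlike X509CertificateValidationMode.None, this keeps rejecting untrusted client certificates while still showing which certificate was presented and which chain element failed.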