none
WCF SSL certificate authentication not recognizing configuration settings RRS feed

  • Question

  • I am trying to use SSL certificate authentication in WCF/.NET version 4.0 IIS version 7.5, but, when I enable the oneToOneMappings authentication, the system does not recognize the maxReceivedMessageSize, when I comment out the oneToOneMappings authentication section, IIS recognize the maxReceivedMessageSize variable.

    Any ideas about how to make this WCF service use the maxReceivedMessageSize value that I set when the SSL certificate authentication is enabled?

    Service Model section:

    <system.serviceModel>
        <services>
          <service behaviorConfiguration="AServiceBehavior" name="<IContract>">
            <endpoint address=""  binding="basicHttpBinding" bindingConfiguration="MutualSslBinding" contract="<IContract>"  name="AnEndpoint" />
            <host><baseAddresses><add baseAddress="https://asite.com/service" /></baseAddresses></host>
          </service>
        </services>
        <behaviors>
          <serviceBehaviors>
            <behavior name="AServiceBehavior">
              <serviceCredentials>
              </serviceCredentials>
              <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
              <serviceDebug includeExceptionDetailInFaults="true" httpHelpPageEnabled="true" />
              <serviceSecurityAudit auditLogLocation="Security" />
            </behavior>
          </serviceBehaviors>
        </behaviors>
      <bindings>
          <basicHttpBinding>
            <binding name="MutualSslBinding" axReceivedMessageSize="2147483647">
              <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647"
                        maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
              <security mode="Transport"> <transport clientCredentialType="Certificate" /></security>
            </binding>
          </basicHttpBinding>
        </bindings>
        <serviceHostingEnvironment aspNetCompatibilityEnabled="false" multipleSiteBindingsEnabled="true">
        </serviceHostingEnvironment>  
      </system.serviceModel>

    Certificate Security section:

    <system.webServer>
        <security>
          <access sslFlags="Ssl, SslNegotiateCert, SslRequireCert" />
          <authentication>
            <anonymousAuthentication enabled="true" />
            <basicAuthentication enabled="false" />
            <clientCertificateMappingAuthentication enabled="false" />
            <digestAuthentication enabled="false" />
            <windowsAuthentication enabled="false" />
            <iisClientCertificateMappingAuthentication enabled="true" oneToOneCertificateMappingsEnabled="true" manyToOneCertificateMappingsEnabled="true">
              <oneToOneMappings>
                            <clear />
                            <add userName="<LocalUser>" password="<EncryptedPassword>" certificate="<Authentication certificate text>" />
              </oneToOneMappings>
            </iisClientCertificateMappingAuthentication>
          </authentication>
        </security>
        <modules runAllManagedModulesForAllRequests="true" />
        <directoryBrowse enabled="false" />
      </system.webServer>
    Friday, November 20, 2015 10:04 PM

All replies

  • Hi,

    According to your description, it seems to be wcf or IIS issue. So you can post it in wcf or IIS forum where you can get better answers:

    https://social.msdn.microsoft.com/Forums/vstudio/en-US/home?forum=wcf


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Tuesday, November 24, 2015 7:50 AM
  • Thanks Pengzhen.
    Tuesday, December 1, 2015 10:41 PM