Home/ Questions/Q 6096231
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T12:54:10+00:00

Web config: <?xml version=1.0?> <configuration> <system.serviceModel> <behaviors> <serviceBehaviors> <behavior name=ServiceCredentialsBehavior> <serviceCredentials> <serviceCertificate findValue=cool storeLocation=LocalMachine

  • 0

Web config:

<?xml version="1.0"?>
  <configuration>
<system.serviceModel>
    <behaviors>
        <serviceBehaviors>
            <behavior name="ServiceCredentialsBehavior">
                <serviceCredentials>
                    <serviceCertificate findValue="cool"    storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName"/>
                </serviceCredentials>
                <serviceMetadata httpGetEnabled="true" />
            </behavior>
        </serviceBehaviors>
    </behaviors>
    <services>
        <service behaviorConfiguration="ServiceCredentialsBehavior" name="Service">
            <endpoint address="" binding="wsHttpBinding" bindingConfiguration="MessageAndUserName" name="SecuredByTransportEndpoint" contract="IService"/>
        </service>
    </services>
    <bindings>
        <wsHttpBinding>
            <binding name="MessageAndUserName">
                <security mode="Message">
                    <message clientCredentialType="UserName"/>
                </security>
            </binding>
        </wsHttpBinding>
    </bindings>
    <client/>
</system.serviceModel>
<system.web>
    <compilation debug="true"/>
</system.web>

Client cfg:

<?xml version="1.0" encoding="utf-8"?>
 <configuration>
<system.serviceModel>
    <bindings>
        <wsHttpBinding>
            <binding name="WSHttpBinding_IService" >
                <security mode="Message">
                    <message clientCredentialType="UserName" />
                </security>
            </binding>
        </wsHttpBinding>
    </bindings>
    <client>
        <endpoint address="http://localhost:48097/WCFServer/Service.svc"
                  binding="wsHttpBinding"
                  bindingConfiguration="WSHttpBinding_IService"
                  contract="ServiceReference1.IService"
                  name="WSHttpBinding_IService">
            <identity>
                <dns value ="cool" />
            </identity>
        </endpoint>
    </client>
</system.serviceModel>

The scope is to pass ClientCredentials.UserName.UserName/Password through a secure connection.
I did x509 certificates with pluralsight self cert..

The error is:

SOAP security negotiation with ‘http://localhost:48097/WCFServer/Service.svc&#8217;
for target
http://localhost:48097/WCFServer/Service.svc&#8217;
failed. See inner exception for more
details.

InnerException:

The X.509 certificate CN=cool chain
building failed. The certificate that
was used has a trust chain that cannot
be verified. Replace the certificate
or change the
certificateValidationMode. A
certificate chain processed, but
terminated in a root certificate which
is not trusted by the trust provider.

How can i solve this exception?
Regards,
Sergiu.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You are using self signed certificate which is not trusted by default. You must tell your client application that it should trust the certificate:

    <behaviors>
  <endpointBehaviors>
    <behavior name="LocalCertValidation">
      <clientCredentials>
        <serviceCertificate>
          <authentication certificateValidationMode="PeerTrust" />
        </serviceCertificate>
      </clientCredentials>
    </behavior>
  </endpointBehaviors>
</behaviors>

    Reference this behavior from your endpoint configuration in client by behaviorConfiguration="LocalCertValidation". To make it work you must install public certificate to current user’s certification store under trusted people. You can also set validation mode to None and certificate will not be validated at all but that should be used only in development environment.

    • 0