Sent date: 05/22/2008
From: "Morten Abrahamsen" <(email address - cut out)>
Message:Try changing
<identity>
<servicePrincipalName value="host/Avacta-n31m-1" />
</identity>
to the common name of your service certificate?
Morty
"Manjree Garg" <(email address - cut out)am> wrote in message
news:(email address - cut out)...
Show quoted text
> Hi,
>
> I created a web service and hosted it in Windows Services. It is working
> fine. Now I am trying to implement the X509 certificates for message layer
> security. But it is throwing the following exception:
>
> An unhandled exception of type
> 'System.ServiceModel.Security.SecurityNegotiationException' occurred in
> mscorlib.dll
>
> Additional information: Secure channel cannot be opened because security
> negotiation with the remote endpoint has failed. This may be due to absent
> or
> incorrectly specified EndpointIdentity in the EndpointAddress used to
> create
> the channel. Please verify the EndpointIdentity specified or implied by
> the
> EndpointAddress correctly identifies the remote endpoint.
>
>
> The WinSvchost file is:
>
>
>
> namespace PreprocessingWinSvcHost
> {
> public partial class PreprocessingWinSvc : ServiceBase
> {
> private ServiceHost myHost;
> public PreprocessingWinSvc()
> {
> InitializeComponent();
> }
>
> protected override void OnStart(string[] args)
> {
> try
> {
> //Create the host.
>
> Uri address = new
> Uri("http://localhost:8080/PreprocessingService");
> WSHttpBinding binding = new WSHttpBinding();
> Type contract = typeof(IPreprocess);
>
> binding.MaxBufferPoolSize = 200000000;
> binding.MaxReceivedMessageSize = 200000000;
> binding.Name = "WSHttpBinding_IPreprocess";
>
> binding.Security.Mode = SecurityMode.Message;
> binding.Security.Message.ClientCredentialType =
> MessageCredentialType.Certificate;
>
> myHost = new ServiceHost(typeof(PreprocessingService));
> myHost.AddServiceEndpoint(contract, binding, address);
>
> myHost.Credentials.ServiceCertificate.SetCertificate(
> StoreLocation.LocalMachine, StoreName.My,
> X509FindType.FindBySubjectName, "windowshost");
>
> ClientCredentials creds = new ClientCredentials();
> // Configure peer trust.
>
> creds.ServiceCertificate.Authentication.CertificateValidationMode =
> X509CertificateValidationMode.PeerOrChainTrust;
>
> //Creates an output file.
> Stream MyOutputFile =
> File.Create("c:\\checklog\\Logfile1.txt");
> TextWriterTraceListener TextListener1 = new
> TextWriterTraceListener(MyOutputFile);
> Trace.Listeners.Add(TextListener1); //Add a listner to the
> Trace.
>
> // Writes output message to the output file and to a
> console
> screen.
> Trace.WriteLine(DateTime.Now.ToLongTimeString() + " -
> Service starting...");
>
>
> myHost.Open();
>
> Trace.WriteLine("state = "+ myHost.State);
>
> // Flush and close the output file.
> Trace.Flush();
> TextListener1.Flush();
> TextListener1.Close();
> }
> catch (Exception e)
> {
> Console.WriteLine("Message: {0}", e.Message);
> }
>
>
> }
>
> and the Client is:
>
>
> namespace PreprocessingClient
> {
> class Program
> {
> static void Main(string[] args)
> {
> Console.WriteLine("**** Preprocessing Client ****");
> EndpointAddress address = new
> EndpointAddress("http://localhost:8080/PreprocessingService");
> WSHttpBinding binding = new WSHttpBinding();
> binding.MaxBufferPoolSize = 200000000;
> binding.MaxReceivedMessageSize = 200000000;
> System.ServiceModel.ChannelFactory<IPreprocess> cf =
> new
> System.ServiceModel.ChannelFactory<IPreprocess>(binding,
> address);
> cf.Credentials.ClientCertificate.SetCertificate(
> StoreLocation.LocalMachine, StoreName.My,
> X509FindType.FindBySubjectName, "WCFUser");
> cf.Credentials.ServiceCertificate.SetDefaultCertificate(
> StoreLocation.LocalMachine, StoreName.My,
> X509FindType.FindBySubjectName,"windowshost");
> IPreprocess proxy = cf.CreateChannel();
> // PreprocessClient proxy = new PreprocessClient();
> //proxy.Open(); //open the client's proxy
>
> proxy.EnableMatGui(false);
> }
>
>
> The app.config for the client is :
>
>
> <?xml version="1.0" encoding="utf-8" ?>
> <configuration>
> <system.serviceModel>
> <bindings>
> <wsHttpBinding>
> <binding name="WSHttpBinding_IPreprocess"
> closeTimeout="00:01:00"
> openTimeout="00:01:00" receiveTimeout="00:10:00"
> sendTimeout="00:40:00"
> bypassProxyOnLocal="false" transactionFlow="false"
> hostNameComparisonMode="StrongWildcard"
> maxBufferPoolSize="200000000"
> maxReceivedMessageSize="20000000"
> messageEncoding="Text" textEncoding="utf-8"
> useDefaultWebProxy="true"
> allowCookies="false">
> <readerQuotas maxDepth="32"
> maxStringContentLength="8192" maxArrayLength="16384"
> maxBytesPerRead="4096"
> maxNameTableCharCount="16384"
> />
> <reliableSession ordered="true"
> inactivityTimeout="00:10:00"
> enabled="false" />
> <security mode="Message">
> <transport clientCredentialType="Windows"
> proxyCredentialType="None"
> realm="" />
> <message clientCredentialType="Certificate"
> negotiateServiceCredential="true"
> algorithmSuite="Default"
> establishSecurityContext="true" />
> </security>
> </binding>
> </wsHttpBinding>
> </bindings>
> <client>
> <endpoint address="http://localhost:8080/PreprocessingService"
> binding="wsHttpBinding"
> bindingConfiguration="WSHttpBinding_IPreprocess"
> contract="ServiceReference1.IPreprocess"
> name="WSHttpBinding_IPreprocess">
> <identity>
> <servicePrincipalName value="host/Avacta-n31m-1" />
> </identity>
> </endpoint>
> </client>
> </system.serviceModel>
> </configuration>
>
>
>
> cheers,
>
> Manjree
>
Sent date: 05/23/2008
From: Manjree Garg
Message:Thanks Morten. But it is still throwing the same exception. :(
Manjree.
"Morten Abrahamsen" wrote:
Show quoted text
> Try changing
> <identity>
> <servicePrincipalName value="host/Avacta-n31m-1" />
> </identity>
>
> to the common name of your service certificate?
>
> Morty
>
> "Manjree Garg" <(email address - cut out)am> wrote in message
> news:(email address - cut out)...
> > Hi,
> >
> > I created a web service and hosted it in Windows Services. It is working
> > fine. Now I am trying to implement the X509 certificates for message layer
> > security. But it is throwing the following exception:
> >
> > An unhandled exception of type
> > 'System.ServiceModel.Security.SecurityNegotiationException' occurred in
> > mscorlib.dll
> >
> > Additional information: Secure channel cannot be opened because security
> > negotiation with the remote endpoint has failed. This may be due to absent
> > or
> > incorrectly specified EndpointIdentity in the EndpointAddress used to
> > create
> > the channel. Please verify the EndpointIdentity specified or implied by
> > the
> > EndpointAddress correctly identifies the remote endpoint.
> >
> >
> > The WinSvchost file is:
> >
> >
> >
> > namespace PreprocessingWinSvcHost
> > {
> > public partial class PreprocessingWinSvc : ServiceBase
> > {
> > private ServiceHost myHost;
> > public PreprocessingWinSvc()
> > {
> > InitializeComponent();
> > }
> >
> > protected override void OnStart(string[] args)
> > {
> > try
> > {
> > //Create the host.
> >
> > Uri address = new
> > Uri("http://localhost:8080/PreprocessingService");
> > WSHttpBinding binding = new WSHttpBinding();
> > Type contract = typeof(IPreprocess);
> >
> > binding.MaxBufferPoolSize = 200000000;
> > binding.MaxReceivedMessageSize = 200000000;
> > binding.Name = "WSHttpBinding_IPreprocess";
> >
> > binding.Security.Mode = SecurityMode.Message;
> > binding.Security.Message.ClientCredentialType =
> > MessageCredentialType.Certificate;
> >
> > myHost = new ServiceHost(typeof(PreprocessingService));
> > myHost.AddServiceEndpoint(contract, binding, address);
> >
> > myHost.Credentials.ServiceCertificate.SetCertificate(
> > StoreLocation.LocalMachine, StoreName.My,
> > X509FindType.FindBySubjectName, "windowshost");
> >
> > ClientCredentials creds = new ClientCredentials();
> > // Configure peer trust.
> >
> > creds.ServiceCertificate.Authentication.CertificateValidationMode =
> > X509CertificateValidationMode.PeerOrChainTrust;
> >
> > //Creates an output file.
> > Stream MyOutputFile =
> > File.Create("c:\\checklog\\Logfile1.txt");
> > TextWriterTraceListener TextListener1 = new
> > TextWriterTraceListener(MyOutputFile);
> > Trace.Listeners.Add(TextListener1); //Add a listner to the
> > Trace.
> >
> > // Writes output message to the output file and to a
> > console
> > screen.
> > Trace.WriteLine(DateTime.Now.ToLongTimeString() + " -
> > Service starting...");
> >
> >
> > myHost.Open();
> >
> > Trace.WriteLine("state = "+ myHost.State);
> >
> > // Flush and close the output file.
> > Trace.Flush();
> > TextListener1.Flush();
> > TextListener1.Close();
> > }
> > catch (Exception e)
> > {
> > Console.WriteLine("Message: {0}", e.Message);
> > }
> >
> >
> > }
> >
> > and the Client is:
> >
> >
> > namespace PreprocessingClient
> > {
> > class Program
> > {
> > static void Main(string[] args)
> > {
> > Console.WriteLine("**** Preprocessing Client ****");
> > EndpointAddress address = new
> > EndpointAddress("http://localhost:8080/PreprocessingService");
> > WSHttpBinding binding = new WSHttpBinding();
> > binding.MaxBufferPoolSize = 200000000;
> > binding.MaxReceivedMessageSize = 200000000;
> > System.ServiceModel.ChannelFactory<IPreprocess> cf =
> > new
> > System.ServiceModel.ChannelFactory<IPreprocess>(binding,
> > address);
> > cf.Credentials.ClientCertificate.SetCertificate(
> > StoreLocation.LocalMachine, StoreName.My,
> > X509FindType.FindBySubjectName, "WCFUser");
> > cf.Credentials.ServiceCertificate.SetDefaultCertificate(
> > StoreLocation.LocalMachine, StoreName.My,
> > X509FindType.FindBySubjectName,"windowshost");
> > IPreprocess proxy = cf.CreateChannel();
> > // PreprocessClient proxy = new PreprocessClient();
> > //proxy.Open(); //open the client's proxy
> >
> > proxy.EnableMatGui(false);
> > }
> >
> >
> > The app.config for the client is :
> >
> >
> > <?xml version="1.0" encoding="utf-8" ?>
> > <configuration>
> > <system.serviceModel>
> > <bindings>
> > <wsHttpBinding>
> > <binding name="WSHttpBinding_IPreprocess"
> > closeTimeout="00:01:00"
> > openTimeout="00:01:00" receiveTimeout="00:10:00"
> > sendTimeout="00:40:00"
> > bypassProxyOnLocal="false" transactionFlow="false"
> > hostNameComparisonMode="StrongWildcard"
> > maxBufferPoolSize="200000000"
> > maxReceivedMessageSize="20000000"
> > messageEncoding="Text" textEncoding="utf-8"
> > useDefaultWebProxy="true"
> > allowCookies="false">
> > <readerQuotas maxDepth="32"
> > maxStringContentLength="8192" maxArrayLength="16384"
> > maxBytesPerRead="4096"
> > maxNameTableCharCount="16384"
> > />
> > <reliableSession ordered="true"
> > inactivityTimeout="00:10:00"
> > enabled="false" />
> > <security mode="Message">
> > <transport clientCredentialType="Windows"
> > proxyCredentialType="None"
> > realm="" />
> > <message clientCredentialType="Certificate"
> > negotiateServiceCredential="true"
> > algorithmSuite="Default"
> > establishSecurityContext="true" />
> > </security>
> > </binding>
> > </wsHttpBinding>
> > </bindings>
> > <client>
> > <endpoint address="http://localhost:8080/PreprocessingService"
> > binding="wsHttpBinding"
> > bindingConfiguration="WSHttpBinding_IPreprocess"
> > contract="ServiceReference1.IPreprocess"
> > name="WSHttpBinding_IPreprocess">
> > <identity>
> > <servicePrincipalName value="host/Avacta-n31m-1" />
> > </identity>
> > </endpoint>
> > </client>
> > </system.serviceModel>
> > </configuration>
> >
> >
> >
> > cheers,
> >
> > Manjree
> >
Sent date: 06/04/2008
From: (email address - cut out) (Steven Cheng [MSFT])
Message:Hi Manjree,
From the description, the problem occurs when you try using x509
certificate based message security in a windows service hosted WCF service.
The error message does indicate that the "identity" of the endpoint hasn't
be specified. I think the endpoint identity should be the service
endpoint's identify setting(at service side). In the code you provided, you
programmtically create the servicehost and add the endpoint, however, you
didn't add an endpoint identity for it.
I've also replied you in another WCF windows service hosted thread. In that
thread you mentioend that you can not get WCF configuration (in app.config)
work with Windows service, correct? I've tested and verify that windows
service can correctly load WCF configuration settings just like other
application(console or winform or asp.net...) without problem. have you
made sure the app.config is correctly copied with the windows service exe(
as windowsservice.exe.config file)?
Also, generally for such scenario, I suggest you first create a normal
console application and copy the WCF code(change it to
configuration/declarative style) into the console applicaiton to test. This
can simplfy the troubleshooting and also detect whether the problem is
specific to windows service.
BTW, here is the test configuration setting( for server and client) I used:
==============server====================
<system.serviceModel>
<services>
<service name="WcfService1.Service1"
behaviorConfiguration="WcfService1.Service1Behavior">
<endpoint address="" binding="wsHttpBinding"
bindingConfiguration="certBinding"
contract="WcfService1.IService1">
<identity>
<certificateReference storeName="My"
storeLocation="LocalMachine"
x509FindType="FindByThumbprint"
findValue="b0d98888fc2fec907661ef11aa430f29e6ae8a91" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding"
contract="IMetadataExchange"/>
</service>
</services>
======client =============
<client>
<endpoint address="http://localhost:33382/Service1.svc"
binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_IService1"
contract="WCFCert.IService1"
name="WSHttpBinding_IService1">
<identity>
<certificateReference storeLocation="LocalMachine"
storeName="My"
x509FindType="FindByThumbprint"
findValue="b0d98888fc2fec907661ef11aa430f29e6ae8a91"/>
</identity>
</endpoint>
</client>
==================
Anyway, you need to make sure the one you specified at service side also
matches the client-side's.
If there is anything else unclear, please feel free to post here.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
(email address - cut out).
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
From: =?Utf-8?B?TWFuanJlZSBHYXJn?= <(email address - cut out)am>
References: <(email address - cut out)>
<(email address - cut out)>
Subject: Re: System.ServiceModel.Security.SecurityNegotiationException
Date: Fri, 23 May 2008 02:12:00 -0700
Thanks Morten. But it is still throwing the same exception. :(
Manjree.
"Morten Abrahamsen" wrote:
working
layer
absent
the
address="http://localhost:8080/PreprocessingService"
Show quoted text
> Try changing
> <identity>
> <servicePrincipalName value="host/Avacta-n31m-1" />
> </identity>
>
> to the common name of your service certificate?
>
> Morty
>
> "Manjree Garg" <(email address - cut out)am> wrote in message
> news:(email address - cut out)...
> > Hi,
> >
> > I created a web service and hosted it in Windows Services. It is
> > fine. Now I am trying to implement the X509 certificates for message
> > security. But it is throwing the following exception:
> >
> > An unhandled exception of type
> > 'System.ServiceModel.Security.SecurityNegotiationException' occurred in
> > mscorlib.dll
> >
> > Additional information: Secure channel cannot be opened because security
> > negotiation with the remote endpoint has failed. This may be due to
> > or
> > incorrectly specified EndpointIdentity in the EndpointAddress used to
> > create
> > the channel. Please verify the EndpointIdentity specified or implied by
> > the
> > EndpointAddress correctly identifies the remote endpoint.
> >
> >
> > The WinSvchost file is:
> >
> >
> >
> > namespace PreprocessingWinSvcHost
> > {
> > public partial class PreprocessingWinSvc : ServiceBase
> > {
> > private ServiceHost myHost;
> > public PreprocessingWinSvc()
> > {
> > InitializeComponent();
> > }
> >
> > protected override void OnStart(string[] args)
> > {
> > try
> > {
> > //Create the host.
> >
> > Uri address = new
> > Uri("http://localhost:8080/PreprocessingService");
> > WSHttpBinding binding = new WSHttpBinding();
> > Type contract = typeof(IPreprocess);
> >
> > binding.MaxBufferPoolSize = 200000000;
> > binding.MaxReceivedMessageSize = 200000000;
> > binding.Name = "WSHttpBinding_IPreprocess";
> >
> > binding.Security.Mode = SecurityMode.Message;
> > binding.Security.Message.ClientCredentialType =
> > MessageCredentialType.Certificate;
> >
> > myHost = new ServiceHost(typeof(PreprocessingService));
> > myHost.AddServiceEndpoint(contract, binding, address);
> >
> > myHost.Credentials.ServiceCertificate.SetCertificate(
> > StoreLocation.LocalMachine, StoreName.My,
> > X509FindType.FindBySubjectName, "windowshost");
> >
> > ClientCredentials creds = new ClientCredentials();
> > // Configure peer trust.
> >
> > creds.ServiceCertificate.Authentication.CertificateValidationMode =
> > X509CertificateValidationMode.PeerOrChainTrust;
> >
> > //Creates an output file.
> > Stream MyOutputFile =
> > File.Create("c:\\checklog\\Logfile1.txt");
> > TextWriterTraceListener TextListener1 = new
> > TextWriterTraceListener(MyOutputFile);
> > Trace.Listeners.Add(TextListener1); //Add a listner to
> > Trace.
> >
> > // Writes output message to the output file and to a
> > console
> > screen.
> > Trace.WriteLine(DateTime.Now.ToLongTimeString() + " -
> > Service starting...");
> >
> >
> > myHost.Open();
> >
> > Trace.WriteLine("state = "+ myHost.State);
> >
> > // Flush and close the output file.
> > Trace.Flush();
> > TextListener1.Flush();
> > TextListener1.Close();
> > }
> > catch (Exception e)
> > {
> > Console.WriteLine("Message: {0}", e.Message);
> > }
> >
> >
> > }
> >
> > and the Client is:
> >
> >
> > namespace PreprocessingClient
> > {
> > class Program
> > {
> > static void Main(string[] args)
> > {
> > Console.WriteLine("**** Preprocessing Client ****");
> > EndpointAddress address = new
> > EndpointAddress("http://localhost:8080/PreprocessingService");
> > WSHttpBinding binding = new WSHttpBinding();
> > binding.MaxBufferPoolSize = 200000000;
> > binding.MaxReceivedMessageSize = 200000000;
> > System.ServiceModel.ChannelFactory<IPreprocess> cf =
> > new
> > System.ServiceModel.ChannelFactory<IPreprocess>(binding,
> > address);
> > cf.Credentials.ClientCertificate.SetCertificate(
> > StoreLocation.LocalMachine, StoreName.My,
> > X509FindType.FindBySubjectName, "WCFUser");
> > cf.Credentials.ServiceCertificate.SetDefaultCertificate(
> > StoreLocation.LocalMachine, StoreName.My,
> > X509FindType.FindBySubjectName,"windowshost");
> > IPreprocess proxy = cf.CreateChannel();
> > // PreprocessClient proxy = new PreprocessClient();
> > //proxy.Open(); //open the client's proxy
> >
> > proxy.EnableMatGui(false);
> > }
> >
> >
> > The app.config for the client is :
> >
> >
> > <?xml version="1.0" encoding="utf-8" ?>
> > <configuration>
> > <system.serviceModel>
> > <bindings>
> > <wsHttpBinding>
> > <binding name="WSHttpBinding_IPreprocess"
> > closeTimeout="00:01:00"
> > openTimeout="00:01:00" receiveTimeout="00:10:00"
> > sendTimeout="00:40:00"
> > bypassProxyOnLocal="false" transactionFlow="false"
> > hostNameComparisonMode="StrongWildcard"
> > maxBufferPoolSize="200000000"
> > maxReceivedMessageSize="20000000"
> > messageEncoding="Text" textEncoding="utf-8"
> > useDefaultWebProxy="true"
> > allowCookies="false">
> > <readerQuotas maxDepth="32"
> > maxStringContentLength="8192" maxArrayLength="16384"
> > maxBytesPerRead="4096"
> > maxNameTableCharCount="16384"
> > />
> > <reliableSession ordered="true"
> > inactivityTimeout="00:10:00"
> > enabled="false" />
> > <security mode="Message">
> > <transport clientCredentialType="Windows"
> > proxyCredentialType="None"
> > realm="" />
> > <message clientCredentialType="Certificate"
> > negotiateServiceCredential="true"
> > algorithmSuite="Default"
> > establishSecurityContext="true" />
> > </security>
> > </binding>
> > </wsHttpBinding>
> > </bindings>
> > <client>
> > <endpoint
> > binding="wsHttpBinding"
> > bindingConfiguration="WSHttpBinding_IPreprocess"
> > contract="ServiceReference1.IPreprocess"
> > name="WSHttpBinding_IPreprocess">
> > <identity>
> > <servicePrincipalName value="host/Avacta-n31m-1" />
> > </identity>
> > </endpoint>
> > </client>
> > </system.serviceModel>
> > </configuration>
> >
> >
> >
> > cheers,
> >
> > Manjree
> >
Sent date: 06/09/2008
From: (email address - cut out) (Steven Cheng [MSFT])
Message:Hi Manj,
Any progress on this issue? I'm still monitoring the thread, if there is
anything else we can help, please don't hesitate to post here.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
(email address - cut out).
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
Date: Thu, 05 Jun 2008 04:42:46 GMT
Subject: Re: System.ServiceModel.Security.SecurityNegotiationException
Hi Manj,
Thanks for your reply.
The error seems still concerns with the certificate (which may not be
validated as trusted one).
Have you got the configuration setting in windows service working(setup WCF
service host without using code)? Also, as I suggested previously, you can
use a console application for test first so as to simplfy the
troubleshooting.
Here is the article which mentioned most info about using certificate
authentication with message layer security. You can check some of the
configuration setting with yours:
#WCF security: How to configure message security with x509 authentication
http://developers.de/blogs/damir_dobric/archive/2006/09/24/931.aspx
If you still cannot find the cause, I can send you a test solution I used
on my side for your reference. BTW, for the test certificate, how did you
generate them? Are you using makecert.exe or windows certificate service?
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
(email address - cut out).
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
Sent date: 06/11/2008
From: Manj
Message:Hi Steven,
Thanks for the followup. It is working now. I tried to reply you earlier
but was not able to reply on newsgroup for some reason (still wondering why?).
Cheers.
Manj.
"Steven Cheng [MSFT]" wrote:
Show quoted text
> Hi Manj,
>
> Any progress on this issue? I'm still monitoring the thread, if there is
> anything else we can help, please don't hesitate to post here.
>
> Sincerely,
>
> Steven Cheng
>
> Microsoft MSDN Online Support Lead
>
>
> Delighting our customers is our #1 priority. We welcome your comments and
> suggestions about how we can improve the support we provide to you. Please
> feel free to let my manager know what you think of the level of service
> provided. You can send feedback directly to my manager at:
> (email address - cut out).
>
> ==================================================
> Get notification to my posts through email? Please refer to
> http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
> ications.
>
> ==================================================
> This posting is provided "AS IS" with no warranties, and confers no rights.
> --------------------
> Date: Thu, 05 Jun 2008 04:42:46 GMT
> Subject: Re: System.ServiceModel.Security.SecurityNegotiationException
>
>
> Hi Manj,
>
> Thanks for your reply.
>
> The error seems still concerns with the certificate (which may not be
> validated as trusted one).
>
> Have you got the configuration setting in windows service working(setup WCF
> service host without using code)? Also, as I suggested previously, you can
> use a console application for test first so as to simplfy the
> troubleshooting.
>
> Here is the article which mentioned most info about using certificate
> authentication with message layer security. You can check some of the
> configuration setting with yours:
>
> #WCF security: How to configure message security with x509 authentication
> http://developers.de/blogs/damir_dobric/archive/2006/09/24/931.aspx
>
> If you still cannot find the cause, I can send you a test solution I used
> on my side for your reference. BTW, for the test certificate, how did you
> generate them? Are you using makecert.exe or windows certificate service?
>
> Sincerely,
>
> Steven Cheng
>
> Microsoft MSDN Online Support Lead
>
>
> Delighting our customers is our #1 priority. We welcome your comments and
> suggestions about how we can improve the support we provide to you. Please
> feel free to let my manager know what you think of the level of service
> provided. You can send feedback directly to my manager at:
> (email address - cut out).
>
> ==================================================
> Get notification to my posts through email? Please refer to
> http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
> ications.
>
> ==================================================
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
>
> --------------------
Sent date: 06/11/2008
From: (email address - cut out) (Steven Cheng [MSFT])
Message:Hi Manj,
Glad to hear from you and nice to get that it is working now.
Also, for the newsgroup accessing problem, does it still exists now and
whether it is a constinous problem if you try visiting any newsgroup from
IE? If so, please feel free to let me know, I'll help forward the problem
to the proper guys.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
(email address - cut out).
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
Subject: Re: System.ServiceModel.Security.SecurityNegotiationException
Date: Wed, 11 Jun 2008 02:25:00 -0700
Hi Steven,
Thanks for the followup. It is working now. I tried to reply you earlier
but was not able to reply on newsgroup for some reason (still wondering
why?).
Cheers.
Manj.
"Steven Cheng [MSFT]" wrote:
Please
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
rights.
WCF
can
you
Please
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
rights.
Show quoted text
> Hi Manj,
>
> Any progress on this issue? I'm still monitoring the thread, if there is
> anything else we can help, please don't hesitate to post here.
>
> Sincerely,
>
> Steven Cheng
>
> Microsoft MSDN Online Support Lead
>
>
> Delighting our customers is our #1 priority. We welcome your comments and
> suggestions about how we can improve the support we provide to you.
> feel free to let my manager know what you think of the level of service
> provided. You can send feedback directly to my manager at:
> (email address - cut out).
>
> ==================================================
> Get notification to my posts through email? Please refer to
>
> ications.
>
> ==================================================
> This posting is provided "AS IS" with no warranties, and confers no
> --------------------
> Date: Thu, 05 Jun 2008 04:42:46 GMT
> Subject: Re: System.ServiceModel.Security.SecurityNegotiationException
>
>
> Hi Manj,
>
> Thanks for your reply.
>
> The error seems still concerns with the certificate (which may not be
> validated as trusted one).
>
> Have you got the configuration setting in windows service working(setup
> service host without using code)? Also, as I suggested previously, you
> use a console application for test first so as to simplfy the
> troubleshooting.
>
> Here is the article which mentioned most info about using certificate
> authentication with message layer security. You can check some of the
> configuration setting with yours:
>
> #WCF security: How to configure message security with x509 authentication
> http://developers.de/blogs/damir_dobric/archive/2006/09/24/931.aspx
>
> If you still cannot find the cause, I can send you a test solution I used
> on my side for your reference. BTW, for the test certificate, how did
> generate them? Are you using makecert.exe or windows certificate service?
>
> Sincerely,
>
> Steven Cheng
>
> Microsoft MSDN Online Support Lead
>
>
> Delighting our customers is our #1 priority. We welcome your comments and
> suggestions about how we can improve the support we provide to you.
> feel free to let my manager know what you think of the level of service
> provided. You can send feedback directly to my manager at:
> (email address - cut out).
>
> ==================================================
> Get notification to my posts through email? Please refer to
>
> ications.
>
> ==================================================
> This posting is provided "AS IS" with no warranties, and confers no
>
>
>
> --------------------
Email TopXML