Hi,

I have a self-hosted service that I want to add transport security to. I've set WSHttpBinding.SecurityMode to Transport and the ClientCredentialType to HttpClientCredentialType.None. I've created a certificate and set it on my host with ServiceHost.Credentials.ServiceCertificate.SetCertificate(). I've also registered it using netsh http add sslcert ipport=127.0.0.1:80 certhash=[MyCertHash] certstorename=MY appid=[TheGuidOfTheAppTahtRunsTheService] verifyclientcertrevocation=disable

I'm getting the following error message whenever I try to call the service: "Authentication failed because the remote party has closed the transport stream."

Does this mean that the client and server try to authenticate each other? How can I disable it? To make things clear, I do not want to install a certificate at the client. I'm not looking for any authentication atm, just securing the message content, if that's even possible.

A: 

This MSDN post may help solve your problem. The initial request in the post is to configure a different security mode than yours but they switch to Transport mode for troubleshooting and that info should apply to your situation.

If what you describe is all you've done to install the certificate then you're missing a few steps. The post outlines the process to get a valid certificate installed. Good luck!!

Sixto Saez
Thanks, but I'm not using the certificate for authentication, just for encryption, so it's quite a different scenario. Anyway, I've added the cert to the TrustedPeople but it didn't help.
Meidan Alon
+2  A: 

Certificates can be a pain in the ass sometimes to get working. First thing you should always do with WCF is turn on tracing:

http://msdn.microsoft.com/en-us/library/ms733025.aspx

Then, you can use SVCTraceViewer to view the exceptions that your service is generating behind the scenes and get a little insight into what is happening, which is a must with many WCF problems. 9 out of 10 times, the trace will tell you everything you need to know.

Also, make sure that both the client and the server have the certificate configured, since the certificate needs to be installed on both machines.

jezell
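
An added example, not part of the original answer: a minimal app.config fragment that turns on the WCF tracing recommended above for the self-hosted service. The log path C:\logs\service.svclog and the listener name are assumptions; the directory must already exist and be writable by the account running the host.

```xml
<configuration>
  <system.diagnostics>
    <sources>
      <!-- System.ServiceModel is the trace source WCF itself writes to.
           "Warning" captures exceptions and faults; "ActivityTracing"
           groups them by call so the failing request is easy to follow. -->
      <source name="System.ServiceModel"
              switchValue="Warning, ActivityTracing"
              propagateActivity="true">
        <listeners>
          <add name="xml" />
        </listeners>
      </source>
    </sources>
    <sharedListeners>
      <!-- Assumed path: keep the file outside any web-served directory
           and restrict its ACL, since traces can include endpoint
           addresses and exception details. -->
      <add name="xml"
           type="System.Diagnostics.XmlWriterTraceListener"
           initializeData="C:\logs\service.svclog" />
    </sharedListeners>
    <!-- Flush after every write so the trace survives a host crash. -->
    <trace autoflush="true" />
  </system.diagnostics>
</configuration>
```

Open the resulting .svclog file in SvcTraceViewer.exe and look for the activities flagged in red. Remove or lower the switch once the problem is found, because trace files grow quickly and hold diagnostic detail that should not sit on a production host.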