tags:

views:

2604

answers:

2
Q: 

Cannot find the X.509 Certificate using the following search criteria:

I get this message:

Cannot find the X.509 certificate using the following search criteria: StoreName 'My', StoreLocation 'LocalMachine', FindType 'FindBySubjectDistinguishedName', FindValue 'CN=HighBall'.

My web.config setup looks like this;

Authentication is set like...

    <authentication mode="Windows" />

The bindings are set for wsHttpBinging

  <wsHttpBinding>
    <binding name="BindingConfiguration">
      <security>
        <message clientCredentialType="UserName" />
      </security>
    </binding>
  </wsHttpBinding>

and my Service behavior is set as such...

    <behavior name="HighBall.Services.ServiceVerificationBehavior">
      <serviceAuthorization principalPermissionMode="UseAspNetRoles"
            roleProviderName="HighBallRoleProvider" />
      <serviceMetadata httpGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="true" />
      <serviceCredentials>
        <serviceCertificate findValue="CN=HighBall" />
        <userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
            membershipProviderName="HighBallMembershipProvider" />
      </serviceCredentials>
    </behavior>

I've tried to figure out a way to verify what, how, and where to certificate is stored but am not sure how to do this. If anyone has any ideas on this error message I'd greatly appreciate the assist.

Thx, Adron

+1  A: 

Check the other post about the tool that you asked about. Verify your "my" storage and check if the CN="HighBall". I guess your CN is not just "HighBall", probably it has a top level domain. I think it's easier to look for the certificate serial number, i think it's faster than for it's canonical name and error prone.

Regards,

Victor

VP  2008-10-19 07:44:24
+1  A: 

Remember that ASP.NET runs as a different user. It may need to be assigned access to the certificate.

Richard Nienaber  2008-10-19 09:39:01
Can you provide any additional information damagednoob?
Richard Ev  2009-03-02 13:11:06
From my experience, only the user that installed the certificates into the store has rights to access them. ASP.NET then can't see the certificate when it tries to access it. You need to use a tool like winhttpcertcfg to give the ASP.NET user access.
Richard Nienaber  2009-03-02 14:17:52

related questions

Dynamic programming with WCF
WCF Service Returning "Method Not Allowed"
Exceptions in Web Services
What SPN do I need to set for a net.tcp service?
How do I unit test a WCF service?
Best practices for versioning your services with WCF?
Lazy Loading with a WCF Service Domain Model?
How many ServiceContracts can a WCF Service have?
How can I authenticate using client credentials in WCF just once?
WCF - Domain Objects and IExtensibleDataObject
InvalidOperationException while creating wcf web service instance
Closing and Disposing a WCF Service
What WCF best practices do you follow in object model design?
WCF push to client through firewall?
Loading System.ServiceModel configuration section using ConfigurationManager
I would like some tips for debugging WCF Web Service exceptions
What's the best way to authenticate over WCF?
Good Reads for Distributed Systems
.Net - Returning DataTables in WCF
What is the easiest way to add compression to WCF in Silverlight?
WCF Backward Compatibility Issue
Best Practices for securing a REST API / web service
Web Services -- WCF vs. Standard
C# WCF Service - Backward compatibility issue
WCF - High availability