I'm having a difficult time setting up this WCF service with wsHttpBinding, Transport security, X.509 certificates and, the key part, a load balancer (F5). This all works without a problem in our Dev environment, but as soon as I put the service behind the F5 it fails with this message:
System.ServiceModel.Security.SecurityNegotiationException: Could not establish trust relationship for the SSL/TLS secure channel with authority 'servicechannelcert'. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
Is there any additional setup I need to do in IIS or the Load Balancer to handle these requests?
Any help would be appreciated.
Below are the configuration files:
<!-- wsHttpBinding configuration named "wsHttpTransport"; the endpoints below select it via bindingConfiguration. -->
<binding name="wsHttpTransport">
<!-- NOTE(review): every reader quota is set to 2147483647 (the largest 32-bit signed integer), which effectively
     removes the per-message limits on XML nesting depth, string length, array length, read size and name-table
     size. Those limits bound the memory and CPU one request can consume, so unbounded values leave the service
     open to resource exhaustion from a single oversized or deeply nested message. Size them to the largest
     legitimate message instead. -->
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647"
maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<!-- mode="Transport": protection and authentication come from the HTTPS (TLS) session, not from the SOAP message. -->
<security mode="Transport">
<!-- The client authenticates with an X.509 certificate presented during the TLS handshake.
     NOTE(review): the certificate therefore only reaches this service if the TLS session ends at the service host.
     If the F5 terminates TLS, the handshake (and the client certificate) stops at the F5. Confirm whether the
     load balancer is passing TLS through or terminating and re-encrypting. -->
<transport clientCredentialType="Certificate" />
</security>
<!-- Service "TestService", governed by the "ChannelServiceBehavior" service behavior. -->
<service behaviorConfiguration="ChannelServiceBehavior" name="TestService">
<!-- Application endpoint at the service base address, using the "wsHttpTransport" binding configuration
     (HTTPS transport security with a client certificate). -->
<endpoint address=""
binding="wsHttpBinding"
bindingConfiguration="wsHttpTransport"
contract="TestService" />
<!-- Metadata exchange (WS-MetadataExchange) endpoint at the relative address "mex". It reuses the same
     binding configuration, so metadata requests to this endpoint are also subject to the client-certificate
     requirement of that binding.
     NOTE(review): decide whether metadata needs to be published at all outside development. -->
<endpoint address="mex"
binding="wsHttpBinding"
bindingConfiguration="wsHttpTransport"
contract="IMetadataExchange"/>
<!-- Service behavior referenced by the TestService element: metadata publication, fault detail and credentials. -->
<behavior name="ChannelServiceBehavior">
<!-- Publishes the service metadata (WSDL) over HTTPS GET.
     NOTE(review): consider disabling this in production if clients do not need to discover the contract. -->
<serviceMetadata httpsGetEnabled="true"/>
<!-- Exception details are kept out of the faults returned to callers, so internal error text is not disclosed. -->
<serviceDebug includeExceptionDetailInFaults="false"/>
<serviceCredentials>
<!-- Service certificate, looked up in the LocalMachine "My" (Personal) store by subject name "x509-Dev".
     NOTE(review): FindBySubjectName is a case-insensitive substring match and can match more than one
     certificate; FindByThumbprint selects exactly one.
     NOTE(review): with mode="Transport" over HTTPS, the certificate the client validates is the one bound to
     the HTTPS listener it connects to (IIS, or the load balancer if it terminates TLS), which is not
     necessarily this one. The reported error is the client rejecting that presented certificate; it should be
     resolved by presenting a certificate that matches the host name clients use and chains to a CA they trust,
     not by relaxing validation on the client. -->
<serviceCertificate findValue="x509-Dev" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My" />
<clientCertificate>
<!-- PeerTrust: a client certificate is accepted if it is present in the Trusted People store; no chain
     validation is performed by this mode.
     NOTE(review): with transport security the TLS layer validates the client certificate before WCF sees it;
     verify whether this setting is what actually decides acceptance in this deployment. -->
<authentication certificateValidationMode="PeerTrust" />
</clientCertificate>
</serviceCredentials>
</behavior>