server certificate is not configured properly with HTTP.SYS in the HTTPS case


I once received this error because my client was using TLS 1.0 instead of TLS 1.2. Assuming that you have all of the correct SSL ciphers installed, you could attempt to alter your request to use TLS 1.2 instead. In .NET, you'd add this after your client is defined:

    System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;

Once I switched to TLS 1.2, the error went away.


Paresh Varde

Microsoft Engineer with 15 years of vast experience on different Windows and web technologies.

Updated on June 05, 2022

Comments

  • Paresh Varde almost 2 years

    I need to use a third-party WCF service. I have configured the required certificate in my certificate store; however, I am getting the following exception when calling the WCF service.

    An error occurred while making the HTTP request to https://XXXX.com/AHSharedServices/CustomerServiceJAXWSController. This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server.

    I checked with the service vendor and they said everything is good from their end and other people are using this service already. They mentioned that when a request comes from my IP address, their service is not receiving the certificate content. They monitored this in Wireshark, and the certificate's length is 0.

    Following is my client configuration. Am I missing anything here?

                <?xml version="1.0" encoding="utf-8" ?>
                <configuration>
                  <startup>
                    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
                  </startup>
                  <system.diagnostics>
                    <sources>
                      <source name="System.ServiceModel.MessageLogging" switchValue="Warning, ActivityTracing">
                        <listeners>
                          <add type="System.Diagnostics.DefaultTraceListener" name="Default">
                            <filter type="" />
                          </add>
                          <add name="ServiceModelMessageLoggingListener">
                            <filter type="" />
                          </add>
                        </listeners>
                      </source>
                    </sources>
                    <sharedListeners>
                      <add initializeData="D:\Log\MessageLog.svclog"
                        type="System.Diagnostics.XmlWriterTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
                        name="ServiceModelMessageLoggingListener" traceOutputOptions="Timestamp">
                        <filter type="" />
                      </add>
                    </sharedListeners>
                    <trace autoflush="true" />
                  </system.diagnostics>
                  <system.serviceModel>
                    <behaviors>
                      <endpointBehaviors>
                        <behavior name="endpointBehavior">
                          <clientCredentials>
                            <clientCertificate findValue="XXX.XX.com" storeName="AddressBook"
                              x509FindType="FindBySubjectName" />
                            <serviceCertificate>
                              <authentication revocationMode="NoCheck" />
                            </serviceCertificate>
                          </clientCredentials>
                        </behavior>
                      </endpointBehaviors>
                    </behaviors>
                    <bindings>
                      <wsHttpBinding>
                        <binding name="wsBinding">
                          <security mode="Transport">
                            <transport clientCredentialType="Certificate" />
                          </security>
                        </binding>
                      </wsHttpBinding>
                    </bindings>
                    <client>
                      <endpoint address="https://XXXX.com/AHSharedServices/CustomerServiceJAXWSController"
                        behaviorConfiguration="endpointBehavior" binding="wsHttpBinding"
                        bindingConfiguration="wsBinding" contract="ServiceReference1.CustomerServiceJAXWSController"
                        name="testService" />
                    </client>
                    <diagnostics>
                      <messageLogging logEntireMessage="true" logMalformedMessages="true"
                        logMessagesAtTransportLevel="true" logKnownPii="true"  logMessagesAtServiceLevel="true"/>
                    </diagnostics>
                  </system.serviceModel>
                </configuration>
    
  • Badhon Jain about 7 years
    Do you mean you created the pfx from the server .crt and .key?
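
Added example, not part of the original thread: a small C# console check for the two client-side causes raised on this page. It reports whether the process offers TLS 1.2 and whether the certificate selected by the posted `<clientCertificate>` settings has a private key, without which it cannot be used for TLS client authentication. The subject `XXX.XX.com` is the redacted placeholder from the config, and `StoreLocation.CurrentUser` is an assumption because the config does not set `storeLocation`.

```csharp
using System;
using System.Net;
using System.Security.Cryptography.X509Certificates;

static class ClientCertCheck
{
    // One diagnostic entry per certificate that the <clientCertificate> lookup would match.
    static string Describe(X509Certificate2 cert)
    {
        DateTime now = DateTime.Now;
        bool inValidity = now >= cert.NotBefore && now <= cert.NotAfter;
        return string.Format("{0}\n  thumbprint={1}\n  hasPrivateKey={2}\n  withinValidity={3}",
            cert.Subject, cert.Thumbprint, cert.HasPrivateKey, inValidity);
    }

    static int Main(string[] args)
    {
        // Placeholder subject copied from the redacted config; pass the real one as args[0].
        string subject = args.Length > 0 ? args[0] : "XXX.XX.com";

        // Protocols this process offers by default. 0 means "OS default" on newer frameworks.
        SecurityProtocolType protocols = ServicePointManager.SecurityProtocol;
        bool tls12 = (int)protocols == 0 || (protocols & SecurityProtocolType.Tls12) != 0;
        Console.WriteLine("SecurityProtocol={0} (TLS 1.2 offered: {1})", protocols, tls12);

        // storeName comes from the config; CurrentUser is an assumption because the
        // config does not set storeLocation.
        var store = new X509Store(StoreName.AddressBook, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        int usable = 0;
        try
        {
            // validOnly=false so expired or untrusted matches are listed instead of hidden.
            foreach (X509Certificate2 cert in store.Certificates.Find(
                         X509FindType.FindBySubjectName, subject, false))
            {
                Console.WriteLine(Describe(cert));
                if (cert.HasPrivateKey) usable++;
            }
        }
        finally
        {
            store.Close();
        }

        Console.WriteLine("Matches with a private key: {0}", usable);
        return usable > 0 ? 0 : 1;
    }
}
```

Run it under the same Windows account as the WCF client, since the CurrentUser store and private-key access are per account.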