SSL WCF "Could not establish trust relationship for the SSL/TLS secure channel with authority 'localhost'"

20,397

You most likely need to add explicit base addresses for both protocols so WCF knows you want to bind to both. Try adding this to your <service> definition:

<host>
    <baseAddresses>
        <add baseAddress="http://your-hostname-here/" />
        <add baseAddress="https://your-hostname-here/" />
    </baseAddresses>
</host>

Also, make sure you're accessing the service via the machine's WINS/DNS name or you need to add an explicit host header to the web site instance under IIS.

Author by

JL.

Developer, Designer, Coder

Updated on July 09, 2022

Comments

  • JL.
    JL. almost 2 years

    I have a WCF web service that works perfectly with an http address, but since then I've needed to make sure it works over https.

    Because I am using IIS 7, the process was pretty easy to get the web site https binding up and running using this guide here

    I opened up a browser, and got the usual security prompts, but everything worked fine after I added the exception.

    I then decided to install the certificate because the certificate is local host, the server and client are the same machine - and let the wizard automatically detect the location.

    I went back to my WCF CLIENT code, this is the client that calls the web services hosted in IIS (now https) and changed the binding in 2 places.

    1. Changed the address of the end point to https
    2. Changed the Security Mode to transport

    Ran the code and then got this error:

    "Could not establish trust relationship for the SSL/TLS secure channel with authority 'localhost'."

    Lastly I went back into IIS and under SSL settings, changed the setting to accept client certificates, and tried required checked or not, both times same error is produced.

    Any idea how to fix this?

    Update Issue 1 fixed - this was because certificate was issued to machine_name and I was using localhost in the configuration.

    Now that this works I am getting another issue:

    "There was no endpoint listening at https://[machine_name]/Downloads.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details."

    Inner exception = "The remote server returned an error: (404) Not Found."

    Checked the web.config of the IIS site, and changed the DNS bindings to localhost.

    Still having fun with this, but according to Microsoft, this is exactly why WCF should be good, because it separates the transport from the coding logic, but so far I have to tell you, it seems really complicated.

    Update

    Turned off Windows firewall, did not help...

    Here is my binding in web.config

    <basicHttpBinding>
         <binding name="IncreasedTimeout" 
                  closeTimeout="12:00:00" openTimeout="12:00:00"
                  receiveTimeout="12:00:00"
                  maxReceivedMessageSize="1000000"
                  sendTimeout="12:00:00">
           <security>
             <transport></transport>
           </security>
         </binding>
    </basicHttpBinding>
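
For comparison with the binding posted above, here is an added example (not the asker's or the answerer's configuration) of a server-side web.config that keeps the posted binding next to a variant with transport security switched on. With no mode attribute, basicHttpBinding uses its default of mode="None", so an endpoint using it is exposed over http:// only and calls to the https:// address find no listener. The binding name IncreasedTimeoutHttps and the service and contract names are hypothetical placeholders.

```xml
<system.serviceModel>
  <bindings>
    <basicHttpBinding>
      <!-- As posted in the question: <security> carries no mode attribute,
           so the default mode="None" applies and only http:// is served. -->
      <binding name="IncreasedTimeout"
               closeTimeout="12:00:00" openTimeout="12:00:00"
               receiveTimeout="12:00:00" sendTimeout="12:00:00"
               maxReceivedMessageSize="1000000">
        <security>
          <transport></transport>
        </security>
      </binding>

      <!-- Variant with TLS (binding name is hypothetical): mode="Transport"
           puts the endpoint on the https:// address that IIS provides. -->
      <binding name="IncreasedTimeoutHttps"
               closeTimeout="12:00:00" openTimeout="12:00:00"
               receiveTimeout="12:00:00" sendTimeout="12:00:00"
               maxReceivedMessageSize="1000000">
        <security mode="Transport">
          <!-- None = server-authenticated TLS, no client certificate.
               Keep the IIS "client certificates" SSL setting consistent
               with this value. -->
          <transport clientCredentialType="None" />
        </security>
      </binding>
    </basicHttpBinding>
  </bindings>

  <services>
    <!-- Service and contract names are hypothetical placeholders. -->
    <service name="Example.DownloadService">
      <!-- The client endpoint must use the same security mode, and its
           address must use the host name the certificate was issued to
           (the machine name in the question), not localhost. -->
      <endpoint address=""
                binding="basicHttpBinding"
                bindingConfiguration="IncreasedTimeoutHttps"
                contract="Example.IDownloadService" />
    </service>
  </services>
</system.serviceModel>
```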