X509 certificate in Routing Service

Topics: Interop Bindings
Dec 1, 2011 at 1:32 PM

I have a WCF 4.0 solution in which an intermediate Routing Service sits between the client and the actual end service. I have configured an X509 certificate on the end service and did the same in the client application. When there is no routing, I can call the service successfully and get a response. But when the call goes through the Routing Service, I get the following exception:

" The message could not be processed. This is most likely because the action 'http://tempuri.org/ITemplateWCF2/DummyMethod' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the service aborted the channel due to inactivity. To prevent the service from aborting idle sessions prematurely increase the Receive timeout on the service endpoint's binding. "

Here are my config files:

Actual Service(web.config)

<system.serviceModel>
  <!-- End-service configuration: one wsHttpBinding endpoint protected with message-level
       security and X.509 client certificates, plus a metadata (mex) endpoint. -->
  <services>
    <service name="Maritz.MLM.Services.TemplateWCFService2.TemplateWCFService2"
             behaviorConfiguration="WCFService2">
      <endpoint address=""
                binding="wsHttpBinding"
                bindingConfiguration="wsHttpEndpointBinding"
                contract="Maritz.MLM.Services.TemplateWCF2.ITemplateWCF2">
        <!-- DNS identity this endpoint publishes to callers. The service certificate below
             is looked up by subject name "WCfServer", so the two values differ. -->
        <identity>
          <dns value="localhost"/>
        </identity>
      </endpoint>
      <!-- Metadata exchange endpoint; it describes the contract and binding to any caller. -->
      <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
    </service>
  </services>

  <bindings>
    <wsHttpBinding>
      <binding name="wsHttpEndpointBinding"
               closeTimeout="00:01:00" openTimeout="00:01:00"
               receiveTimeout="00:50:00" sendTimeout="00:01:00">
        <!-- mode="Message": protection is applied to the SOAP message itself, so it does not
             depend on the transport. The transport element is not used in this mode. -->
        <security mode="Message">
          <!-- Callers authenticate with an X.509 certificate. establishSecurityContext="false"
               turns off the secure-conversation session token, so each message is secured on
               its own. NOTE(review): whatever sends to this endpoint (the client directly, or
               the router's outbound endpoint) has to use the same mode, credential type and
               establishSecurityContext value; confirm against the router configuration. -->
          <message clientCredentialType="Certificate" establishSecurityContext="false"/>
          <transport clientCredentialType="Windows"/>
        </security>
      </binding>
    </wsHttpBinding>
  </bindings>

  <behaviors>
    <serviceBehaviors>
      <behavior name="WCFService2">
        <!-- Metadata is served over plain HTTP GET. Set this to false and remove the mex
             endpoint before deployment so the contract is not disclosed to arbitrary callers. -->
        <serviceMetadata httpGetEnabled="true"/>
        <!-- Exception details are returned inside faults. Useful while debugging; set to
             false before deployment so internal details are not sent to callers. -->
        <serviceDebug includeExceptionDetailInFaults="true"/>
        <serviceCredentials>
          <clientCertificate>
            <!-- PeerTrust accepts a client certificate when it is present in the Trusted
                 People store; no chain to a trusted root is built. ChainTrust is the mode
                 to consider for CA-issued certificates. -->
            <authentication certificateValidationMode="PeerTrust"/>
          </clientCertificate>
          <!-- Certificate the service presents. FindBySubjectName matches on part of the
               subject name and can be ambiguous; FindByThumbprint selects exactly one
               certificate. NOTE(review): CurrentUser is the store of the account the host
               process runs as; confirm that account can read the private key. -->
          <serviceCertificate findValue="WCfServer"
                              x509FindType="FindBySubjectName"
                              storeLocation="CurrentUser"
                              storeName="My"/>
        </serviceCredentials>
      </behavior>
    </serviceBehaviors>
  </behaviors>

  <serviceHostingEnvironment multipleSiteBindingsEnabled="true"/>
</system.serviceModel>

 

Client application(app.config):

<system.serviceModel>
  <!-- Client configuration: every endpoint targets the routing service on
       http://localhost:8085, not the end service directly. -->
  <behaviors>
    <endpointBehaviors>
      <behavior name="CustomBehavior">
        <clientCredentials>
          <!-- Certificate the client would present. It is only applied when the binding
               in use has message or transport security enabled. -->
          <clientCertificate findValue="WcfClient"
                             x509FindType="FindBySubjectName"
                             storeLocation="CurrentUser"
                             storeName="My"/>
          <serviceCertificate>
            <!-- PeerTrust accepts the service certificate when it is present in the
                 Trusted People store; no chain to a trusted root is built. -->
            <authentication certificateValidationMode="PeerTrust"/>
          </serviceCertificate>
        </clientCredentials>
      </behavior>
    </endpointBehaviors>
  </behaviors>

  <bindings>
    <!-- The three basicHttpBinding entries differ only in name. All use security
         mode="None": no authentication, signing or encryption on these calls, and the
         transport/message child elements have no effect in that mode. The quota and
         size attributes bound what the client will accept in a reply. -->
    <basicHttpBinding>
      <binding name="BasicHttpBinding_TemplateWCFService1V2"
               closeTimeout="00:01:00" openTimeout="00:01:00"
               receiveTimeout="00:10:00" sendTimeout="00:01:00"
               allowCookies="false" bypassProxyOnLocal="false"
               hostNameComparisonMode="StrongWildcard"
               maxBufferSize="65536" maxBufferPoolSize="524288"
               maxReceivedMessageSize="65536"
               messageEncoding="Text" textEncoding="utf-8"
               transferMode="Buffered" useDefaultWebProxy="true">
        <readerQuotas maxDepth="32"
                      maxStringContentLength="8192"
                      maxArrayLength="16384"
                      maxBytesPerRead="4096"
                      maxNameTableCharCount="16384"/>
        <security mode="None">
          <transport clientCredentialType="None" proxyCredentialType="None" realm=""/>
          <message clientCredentialType="UserName" algorithmSuite="Default"/>
        </security>
      </binding>
      <binding name="BasicHttpBinding_TemplateWCFService2"
               closeTimeout="00:01:00" openTimeout="00:01:00"
               receiveTimeout="00:10:00" sendTimeout="00:01:00"
               allowCookies="false" bypassProxyOnLocal="false"
               hostNameComparisonMode="StrongWildcard"
               maxBufferSize="65536" maxBufferPoolSize="524288"
               maxReceivedMessageSize="65536"
               messageEncoding="Text" textEncoding="utf-8"
               transferMode="Buffered" useDefaultWebProxy="true">
        <readerQuotas maxDepth="32"
                      maxStringContentLength="8192"
                      maxArrayLength="16384"
                      maxBytesPerRead="4096"
                      maxNameTableCharCount="16384"/>
        <security mode="None">
          <transport clientCredentialType="None" proxyCredentialType="None" realm=""/>
          <message clientCredentialType="UserName" algorithmSuite="Default"/>
        </security>
      </binding>
      <binding name="BasicHttpBinding_TemplateWCFService1V1"
               closeTimeout="00:01:00" openTimeout="00:01:00"
               receiveTimeout="00:10:00" sendTimeout="00:01:00"
               allowCookies="false" bypassProxyOnLocal="false"
               hostNameComparisonMode="StrongWildcard"
               maxBufferSize="65536" maxBufferPoolSize="524288"
               maxReceivedMessageSize="65536"
               messageEncoding="Text" textEncoding="utf-8"
               transferMode="Buffered" useDefaultWebProxy="true">
        <readerQuotas maxDepth="32"
                      maxStringContentLength="8192"
                      maxArrayLength="16384"
                      maxBytesPerRead="4096"
                      maxNameTableCharCount="16384"/>
        <security mode="None">
          <transport clientCredentialType="None" proxyCredentialType="None" realm=""/>
          <message clientCredentialType="UserName" algorithmSuite="Default"/>
        </security>
      </binding>
    </basicHttpBinding>

    <wsHttpBinding>
      <binding name="WSHttpBinding_ITemplateWCF2"
               closeTimeout="00:01:00" openTimeout="00:01:00"
               receiveTimeout="00:50:00" sendTimeout="00:01:00"
               bypassProxyOnLocal="false" transactionFlow="false"
               hostNameComparisonMode="StrongWildcard"
               maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
               messageEncoding="Text" textEncoding="utf-8"
               useDefaultWebProxy="true" allowCookies="false">
        <readerQuotas maxDepth="32"
                      maxStringContentLength="8192"
                      maxArrayLength="16384"
                      maxBytesPerRead="4096"
                      maxNameTableCharCount="16384"/>
        <reliableSession ordered="true" inactivityTimeout="00:50:00" enabled="false"/>
        <!-- mode="None" here, while the end service's wsHttpBinding uses mode="Message"
             with certificate credentials. With None the client sends unsecured messages:
             the certificate in CustomBehavior is not applied and the transport/message
             child elements are ignored. NOTE(review): the client-to-router hop is then
             unauthenticated and in clear text over http, and the router's outbound
             endpoint would have to apply the message security the end service expects;
             the router configuration is not shown, so confirm there. -->
        <security mode="None">
          <transport clientCredentialType="Certificate" proxyCredentialType="None" realm=""/>
          <message establishSecurityContext="false"/>
        </security>
      </binding>
    </wsHttpBinding>
  </bindings>

  <client>
    <endpoint name="BasicHttpBinding_TemplateWCFService1V2"
              address="http://localhost:8085/RoutingService.svc/TemplateWCFService1v2"
              binding="basicHttpBinding"
              bindingConfiguration="BasicHttpBinding_TemplateWCFService1V2"
              contract="TemplateWCFService1V2.TemplateWCFService1V2"/>
    <endpoint name="BasicHttpBinding_TemplateWCFService1V1"
              address="http://localhost:8085/RoutingService.svc/TemplateWCFService1v1"
              binding="basicHttpBinding"
              bindingConfiguration="BasicHttpBinding_TemplateWCFService1V1"
              contract="TemplateWCFService1V1.TemplateWCFService1V1"/>
    <!-- The only endpoint that attaches CustomBehavior (client certificate + PeerTrust). -->
    <endpoint name="WSHttpBinding_ITemplateWCF2"
              address="http://localhost:8085/RoutingService.svc/TemplateWCFService2"
              binding="wsHttpBinding"
              bindingConfiguration="WSHttpBinding_ITemplateWCF2"
              behaviorConfiguration="CustomBehavior"
              contract="TemplateWCFService2.ITemplateWCF2">
      <!-- Expected DNS identity of the remote service certificate.
           NOTE(review): presumably only checked when the binding authenticates the
           service, which mode="None" does not; verify. -->
      <identity>
        <dns value="WCfServer"/>
      </identity>
    </endpoint>
  </client>
</system.serviceModel>