Exception: The client certificate is not provided

vajanko picture vajanko · Jan 13, 2012 · Viewed 13.5k times · Source

I am trying to configure WCF service with security. I have generated 2 certificates (for server and client side) stored in LocalComputer\Personal Certificates. My configuration is:

Server:

<netTcpBinding>
   <binding name="defaultBinding">
      <security mode="Transport">
         <transport clientCredentialType="Certificate"/>
      </security>
   </binding>
</netTcpBinding>

<service name="..." behaviorConfiguration="serviceBehavior">
   <endpoint address="..." binding="netTcpBinding" bindingConfiguration="defaultBinding" contract="...">
      <identity>
        <dns value="ClientSide"/>
      </identity>
    </endpoint>
 </service>

 <behavior name="serviceBehavior">
    <serviceCredentials>
       <serviceCertificate storeLocation="LocalMachine" storeName="My" findValue="ServerSide" x509FindType="FindBySubjectName"/>
       <clientCertificate>
          <authentication certificateValidationMode="None" revocationMode="NoCheck"/>
       </clientCertificate>
    </serviceCredentials>
 <behavior>

Client:

<netTcpBinding>
   <binding name="defaultBinding">
      <security mode="Transport">
         <transport clientCredentialType="Certificate"/>
      </security>
   </binding>
</netTcpBinding>

<endpoint name="..." binding="netTcpBinding" bindingConfiguration="defaultBinding" contract="..."
            behaviorConfiguration="endpointBehavior">
  <identity>
    <dns value="ServerSide"/>
  </identity>
</endpoint>

 <behavior name="endpointBehavior">
    <clientCredentials>
       <serviceCertificate>
          <authentication certificateValidationMode="None" revocationMode="NoCheck"/>
       </serviceCertificate>
       <clientCertificate storeLocation="LocalMachine" storeName="My" findValue="ClientSide" x509FindType="FindBySubjectName"/>
    </clientCredentials>
 <behavior>

I am getting the exception: The client certificate is not provided. Specify a client certificate in ClientCredentials

I have tried many tutorials, but none of them works. Any suggestion?

Answer

Coral Doe picture Coral Doe · Mar 23, 2012

The answer is actually in the Exception. You don't have a client certificate. You define a service certificate for the client certificate with this

<clientCredentials>
       <serviceCertificate>
          <authentication certificateValidationMode="None" revocationMode="NoCheck"/>
       </serviceCertificate>
       <clientCertificate storeLocation="LocalMachine" storeName="My" findValue="ClientSide" x509FindType="FindBySubjectName"/>
    </clientCredentials>

But what you actually should have done is defining a client certificate for the client

<system.serviceModel>
   <behaviors>
      <endpointBehaviors>
         <behavior name="endpointBehavior">
            <clientCredentials>
               <clientCertificate storeLocation="LocalMachine" storeName="My" findValue="ClientSide" x509FindType="FindBySubjectName" />
               <serviceCertificate>
                  <authentication certificateValidationMode="None" revocationMode="NoCheck" />
               </serviceCertificate>
            </clientCredentials>
         </behavior>
      </endpointBehaviors>
   </behaviors>
</system.serviceModel>

This should at least solve your The client certificate is not provided. Specify a client certificate in ClientCredentials exception.