I've been ask by the programming department to test deploying one of their app. For all I know about the app, is that it's a webservice wcf code c# for a wpf app. They did tell me that they did try to put the certificate directly in the webservice (to avoid the pain in the ass to register ssl certificate and save them in each client app).
So far no problem with me. But there the little trick.
I've been trying to deploy the thing in localhost (to be sure about the process to do it), and everything is good (did get the success svc loading page with this message ):
blabla success
svcutil.exe http://###deployment.eslan2.local/Service###.svc?wsdl
C#
class Test
{
static void Main()
{
//how to blabla
client.Close();
}
}
but when I try to deploy the webservice on my IIS webserver (ws2K8R2 with IIS7.5), i get this nasty and not really helpfull error message :
Server Error in '/' Application.
The specified network password is not correct.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Security.Cryptography.CryptographicException: The specified network password is not correct.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[CryptographicException: The specified network password is not correct.]
System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr) +41
System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromBlob(Byte[] rawData, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx) +0
System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromBlob(Byte[] rawData, Object password, X509KeyStorageFlags keyStorageFlags) +335
System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData) +101
Effect.ServiceModel.ServiceBehaviorHandlerAttribute.ApplyDispatchBehavior(ServiceDescription serviceDescription, ServiceHostBase serviceHostBase) +623
[ServiceModelException: An error occurs during service management.]
Effect.ServiceModel.ServiceBehaviorHandlerAttribute.ApplyDispatchBehavior(ServiceDescription serviceDescription, ServiceHostBase serviceHostBase) +1782
System.ServiceModel.Description.DispatcherBuilder.InitializeServiceHost(ServiceDescription description, ServiceHostBase serviceHost) +3565
System.ServiceModel.ServiceHostBase.InitializeRuntime() +82
System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout) +64
System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) +789
System.ServiceModel.HostingManager.ActivateService(String normalizedVirtualPath) +287
System.ServiceModel.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath) +1132
I've spent 3 days looking around the net to find an answer, but nothing valuable so far.
I've been thinking it's not from my server but the code that error came from.
Best Answer
It's a pretty helpful error message actually.
Essentially the application is not starting because a "password" is not correct. However, password is the confusing part because this is most likely a certificate thumbprint and not a true password. The first stack trace points to the .NET crypto provider that is trying to read a X509 certificate.
It would appear that your web service is configured to use certificates for authentication. Potentially between the server and client, that I can't be sure of. Regardless it looks like you need to take a look and see if there is in fact a certificate in use on your development environment. Its possible this certificate is not trusted on your production box or is not properly loaded.
That's where I would start and go from there. Its hard to know exactly what you are attempting to do or what your code is doing. Overall though it looks to be an application setup issue, which this site may be minimally helpful in resolving. If it doesn't end up being a cert you may want to ask a moderator to migrate the question to StackOverflow where you may get more precise WCF assistance.