WCF self-hosted service with transport security (Authentication failed because the remote party has closed the transport stream.)

netshSecurityself-hostingwcf

I have a self-hosted service that I want to add transport security to.
I've set WSHttpBinding.SecurityMode to Transport and the ClientCredentialType to HttpClientCredentialType.None.
I've created a certificate and set it to my host with
ServiceHost.Credentials.ServiceCertificate.SetCertificate()
I've also registered it using
netsh http add sslcert ipport=127.0.0.1:80 certhash=[MyCertHash] certstorename=MY appid=[TheGuidOfTheAppTahtRunsTheService] verifyclientcertrevocation=disable

I'm getting the following error message whenever I try to call the service:
"Authentication failed because the remote party has closed the transport stream."

Does this mean the the client and server try to authenticate each other? How can I disable it?
To make things clear, I do not want to install a certificate at the client, I'm not looking for any authentication atm, just securing the messages content, if that's even possible.

Best Answer

This MSDN post may help solve your problem. The initial request in the post is to configure a different security mode than yours but they switch to Transport mode for troubleshooting and that info should apply to your situation.

If what you describe is all you've done to install the certificate then you're missing a few steps. The post outlines the process to get a valid certificate installed. Good luck!!

Related Solutions

WCF transport security with no authentication

You can have HTTPS communication without authentication, but you cannot have HTTPS communication without certificates, since HTTPS encryption uses certificates.

There are a few things to check:

Can you access the WSDL or another resource on the site over HTTPS in a browser?
Do you get any warnings about the certificate when doing so?

If you can't access the WSDL or another resource on the site over HTTPS, then HTTPS isn't configured on the server.

If you get warnings about the certificate, then you don't have a certificate that the client will trust. There are three options here; one is to get a valid certificate from somewhere like Verisign that will be trusted, the other is to install the certificate in a trusted part of the user's store (which you can't do as you mentioned), and the final is to turn off the cerificate revocation in the client's WCF configuration.

Wcf – netsh – The following command was not found error on Windows XP

On Windows XP netsh will not work properly.Better use httpcfg. You will need to download "WindowsXP-KB838079-SupportTools-ENU.exe" from Microsoft Download Center or try from here. Change:

netsh http add sslcert ipport=0.0.0.0:44300 appid ={00112233-4455-6677-8899-AABBCCDDEEFF} certhash=dafebdb65ec7544218bf9a1794c6424 0207f63b9

httpcfg set ssl -i 0.0.0.0:44300 -h dafebdb65ec7544218bf9a1794c64240207f63b9

This will create the SSL. To check type

httpcfg query ssl

in CMD.

Hope it helps.

Best Answer

Related Solutions

WCF transport security with no authentication

Wcf – netsh – The following command was not found error on Windows XP

Related Topic