473,320 Members | 1,955 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

WCF Transport Security fails if IIS running as NetworkService acco

Hi,

I'm working on a Web application that consumes a WCF Service that uses basic
HTTP binding with transport security and certificates for client credentials.
Just to clarify, the WebServer (IIS 7) is the client, and an application
that self hosts the WCF service is the server.

This is the binding configuration that I use on the client and service side:
<bindings>
<basicHttpBinding>
<binding name="basicHttpBindingWithTransportSecurity">
<security mode="Transport">
<transport clientCredentialType="Certificate" />
</security>
</binding>
</basicHttpBinding>
</bindings>

When I run IIS 7 using the default NetworkService account, I get this error:
Could not establish secure channel for SSL/TLS with authority
'localhost:50391'.

When I run IIS 7 using the LocalSystem account, or if I set the
clientCredentialType="None", then it works just fine.

What is it that causes the clientCredentialType="Certificate" to require
elevated rights in IIS 7?
I don't think it is access to the certificate, since I can see the public
key in debug.
(client.ClientCredentials.ClientCertificate.Certif icate.PublicKey.EncodedKeyValue.RawData seems to have a value).

Thanks,
Erik
Aug 9 '07 #1
0 2543

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: Tom | last post by:
hello there's something that I don't understand what is the difference between running a service in say User context and LocalService security context ? and what is the difference between...
1
by: Stephen Corey | last post by:
I've got a windows service running as NetworkService on a WinXP Pro machine. Is there a way for it to find the Active Directory account of the logged on user? I don't mind switching the service to...
16
by: Marina | last post by:
Hi, I am trying to find the minimum security settings to allow a windows control embedded in IE have full trust. If I give the entire Intranet zone full trust, this works. However, this is...
4
by: cs_hart | last post by:
I am trying to send an email using our mailserver but keep getting an error. Here is the code: SmtpMail.SmtpServer = "MAILSERV.meas-inc.com" SmtpMail.Send(me@myserv.com", "someuser@mail.com", "Sub...
8
by: Manfred Braun | last post by:
Hello All! I am writing a management application, which has to access remote machines registry via System.Diagnostics.EventLog.CreateEventSource . For each machine, I connect to, I create a...
0
by: Brent | last post by:
After six months flawless operation, I'm suddenly getting this error: "Unable to read data from the transport connection." The code* hasn't changed, and from what I can see, neither have the IP...
1
by: bthubbard | last post by:
Hello All, I've run into a bit of an issue and I was hoping that someone here could help me. I have inherited a Windows Service written in .Net 2.0 (C#) from a previous employee. It build...
0
by: palmem | last post by:
I am trying to write a simple FTP server in order to learn about sockets This is my first time trying sockets This code should take a connection on port 8110, dump it to a client "thread" (not...
1
by: Tobias Grimm | last post by:
Hi! I'm trying to get a WebService running (self hosting, without IIS) that uses SSL and loads the SSL key/certificate from a file (without using httpcfg.exe). I have a running service and...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.