Hello,
I have two WCF applications that are deployed to IIS 8 on different machines. I am trying to set up client certificate authentication so that the first application is authenticated when it invokes the REST services of the second application. I have followed many step-by-step guides online to do the setup for both applications. I have resolved many errors during setup, but now I am stuck with a new issue and I can't seem to find a solution for the problem anywhere online.
The error is:
[HttpException (0x80004005): The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was ''.]
Step-by-step guide:
http://blogs.iis.net/rlucero/iis-7-walkthrough-one-to-one-client-certificate-mapping-configuration
Client Web Config
<!-- Client-side webHttpBinding: HTTPS transport security, with the caller
     identified by an X.509 client certificate during the TLS handshake.
     A named binding only applies to endpoints that reference it through
     bindingConfiguration; the endpoint section is not part of this excerpt. -->
<webHttpBinding>
  <binding name="WebHttpBinding_Meniga"
           closeTimeout="00:01:00"
           openTimeout="00:01:00"
           receiveTimeout="00:10:00"
           sendTimeout="00:01:00"
           bypassProxyOnLocal="false"
           hostNameComparisonMode="StrongWildcard"
           maxBufferPoolSize="52428800"
           maxReceivedMessageSize="65536000"
           maxBufferSize="65536000"
           useDefaultWebProxy="true"
           allowCookies="false"
           transferMode="StreamedRequest">
    <!-- The message size limit and the string/array/name-table quotas are set
         well above the WCF defaults. Each one bounds how much data the remote
         side can make this process buffer or parse, so keep them no larger
         than the real payloads need. -->
    <readerQuotas maxDepth="32"
                  maxStringContentLength="81920000"
                  maxArrayLength="16384000"
                  maxBytesPerRead="4096"
                  maxNameTableCharCount="16384000" />
    <!-- Transport mode means HTTPS; the certificate named in the endpoint
         behavior's clientCredentials is what gets presented to the server. -->
    <security mode="Transport">
      <transport clientCredentialType="Certificate" />
    </security>
  </binding>
</webHttpBinding>
<!-- Client endpoint behaviors. All four select the same client certificate;
     they differ only in the extra behavior elements (parameterLogger,
     menigaWebHttp), which are presumably custom behavior extensions
     registered elsewhere in the file (not shown here).
     An endpoint behavior is applied only when a client endpoint names it in
     behaviorConfiguration; the client endpoint section is not part of this
     excerpt, so that link cannot be confirmed from here. -->
<behaviors>
  <endpointBehaviors>
    <behavior name="LoggingBehaviourConfiguration">
      <parameterLogger />
      <clientCredentials>
        <!-- FindBySubjectName is a substring match on the subject name, so it
             can match more than one certificate in LocalMachine\My.
             FindByThumbprint pins exactly one certificate.
             The account that runs this application (the IIS application pool
             identity) also needs read access to the certificate's private
             key, otherwise no client certificate can be presented. -->
        <clientCertificate findValue="datapower.rest.dev.can"
                           storeLocation="LocalMachine"
                           storeName="My"
                           x509FindType="FindBySubjectName" />
      </clientCredentials>
    </behavior>
    <behavior name="NoLoggingBehaviourConfiguration">
      <parameterLogger />
      <clientCredentials>
        <!-- Same certificate lookup as the behavior above. -->
        <clientCertificate findValue="datapower.rest.dev.can"
                           storeLocation="LocalMachine"
                           storeName="My"
                           x509FindType="FindBySubjectName" />
      </clientCredentials>
    </behavior>
    <behavior name="LoggingBehaviourRestConfiguration">
      <menigaWebHttp />
      <parameterLogger />
      <clientCredentials>
        <!-- Same certificate lookup as the behaviors above. -->
        <clientCertificate findValue="datapower.rest.dev.can"
                           storeLocation="LocalMachine"
                           storeName="My"
                           x509FindType="FindBySubjectName" />
      </clientCredentials>
    </behavior>
    <behavior name="NoLoggingBehaviourRestConfiguration">
      <menigaWebHttp />
      <parameterLogger />
      <clientCredentials>
        <!-- Same certificate lookup as the behaviors above. -->
        <clientCertificate findValue="datapower.rest.dev.can"
                           storeLocation="LocalMachine"
                           storeName="My"
                           x509FindType="FindBySubjectName" />
      </clientCredentials>
    </behavior>
    <!-- The posted excerpt stops here; the closing endpointBehaviors and
         behaviors tags are not included in it. -->
Server Web Config
<!-- Server-side webHttpBinding: HTTPS transport security that expects an
     X.509 client certificate.
     For an IIS-hosted service the TLS handshake, including the request for a
     client certificate, is performed by IIS rather than by WCF. Verify that
     the site's SSL settings are set to accept or require client certificates
     and that the IIS authentication settings agree with this binding.
     A named binding only applies to service endpoints that reference it
     through bindingConfiguration; the services section is not part of this
     excerpt. -->
<webHttpBinding>
  <binding name="WebHttpBinding_Meniga"
           closeTimeout="00:01:00"
           openTimeout="00:01:00"
           receiveTimeout="00:10:00"
           sendTimeout="00:01:00"
           bypassProxyOnLocal="false"
           hostNameComparisonMode="StrongWildcard"
           maxBufferPoolSize="52428800"
           maxReceivedMessageSize="65536000"
           useDefaultWebProxy="true"
           allowCookies="false"
           transferMode="StreamedRequest">
    <!-- The message size limit and the string/array/name-table quotas are set
         well above the WCF defaults. On the server they bound what a caller
         can make the service read and parse, so size them to the largest
         legitimate request rather than leaving generous headroom. -->
    <readerQuotas maxDepth="32"
                  maxStringContentLength="81920000"
                  maxArrayLength="16384000"
                  maxBytesPerRead="4096"
                  maxNameTableCharCount="16384000" />
    <security mode="Transport">
      <transport clientCredentialType="Certificate" />
    </security>
  </binding>
</webHttpBinding>
<!-- Server service behaviors. Two are named and one is nameless; the nameless
     behavior is the default for services that do not set
     behaviorConfiguration. errorHandler and auditErrorHandler are presumably
     custom behavior extensions registered elsewhere in the file (not shown). -->
<serviceBehaviors>
  <behavior name="MenigaServices.DefaultBehavior">
    <!-- httpGetEnabled publishes service metadata over plain HTTP as well as
         HTTPS. Leave it on only where metadata is meant to be readable
         without the TLS client-certificate check. -->
    <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
    <!-- includeExceptionDetailInFaults="true" returns server exception
         details to the caller. It is a debugging aid; set it to false outside
         a development environment. -->
    <serviceDebug includeExceptionDetailInFaults="true" />
    <errorHandler />
    <auditErrorHandler />
    <serviceCredentials>
      <clientCertificate>
        <!-- PeerTrust accepts a client certificate when it is present in the
             Trusted People store instead of validating its chain to a trusted
             root, so that store's contents are the allow list.
             NOTE(review): with Transport security the TLS layer in IIS also
             performs its own certificate checks; confirm which of the two
             decides acceptance in this deployment. -->
        <authentication certificateValidationMode="PeerTrust" />
      </clientCertificate>
      <!-- FindBySubjectName is a substring match and can select more than one
           certificate in LocalMachine\My; FindByThumbprint pins exactly one. -->
      <serviceCertificate findValue="stcdevmng51.dev.can"
                          storeLocation="LocalMachine"
                          storeName="My"
                          x509FindType="FindBySubjectName" />
    </serviceCredentials>
  </behavior>
  <behavior name="Meniga.Runtime.RuntimeServiceBehavior">
    <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
    <!-- Debugging aid: exception details are returned to callers while this
         is true. -->
    <serviceDebug includeExceptionDetailInFaults="true" />
    <errorHandler />
    <serviceCredentials>
      <clientCertificate>
        <!-- Same PeerTrust validation as the behavior above. -->
        <authentication certificateValidationMode="PeerTrust" />
      </clientCertificate>
      <serviceCertificate findValue="stcdevmng51.dev.can"
                          storeLocation="LocalMachine"
                          storeName="My"
                          x509FindType="FindBySubjectName" />
    </serviceCredentials>
  </behavior>
  <!-- Nameless default behavior: exception details are not returned here. -->
  <behavior name="">
    <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
    <serviceDebug includeExceptionDetailInFaults="false" />
    <serviceCredentials>
      <clientCertificate>
        <!-- Same PeerTrust validation as the named behaviors. -->
        <authentication certificateValidationMode="PeerTrust" />
      </clientCertificate>
      <serviceCertificate findValue="stcdevmng51.dev.can"
                          storeLocation="LocalMachine"
                          storeName="My"
                          x509FindType="FindBySubjectName" />
    </serviceCredentials>
  </behavior>
</serviceBehaviors>
[HttpException (0x80004005): The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was ''.]