"Cannot load the X.509 certificate identity specified in the configuration"

Question

I transfered a workking WCF service from my development environment to the QA environment, including the certificates (Root Authority, Root Auth revocation list, Service certificate - including its PK).

Afterward I located the private key usihg 'FindPrivateKey' and gave all the relavent accounts full permissions to access the private key file at the file system level.

My app crashes with a Unhandled Exception: System.InvalidOperationException: Cannot load the X.509 certificate identity specified in the configuration.

I am stumped, I think I covered everything, but obviously not...

I have tried this on a Windows Service Host as well as a Console App Host. Same issue.

score 27 · Answer 1 · answered Oct 03 '11 at 12:01

27

I ran into this same error in a simple WFC service written with VS2010 SP1 on Win 7. The fix that I found was to add

<dns value="localhost" />

to the <identity> section of app.config

Source: http://social.msdn.microsoft.com/Forums/en-AU/wcf/thread/439539ef-e8d7-4e7d-b36e-b80acd401606

answered Oct 03 '11 at 12:01

hortman

1,086
10
11

1

It also worked for me. Just to add that for multiple endpoints you have to add it in all endpoints. – ileon Jul 31 '12 at 21:25
Don't quite understand, why it could solve the problem, how localhost dns plays in this picture. – hardywang Apr 25 '13 at 23:47

score 8 · Answer 2 · answered Oct 15 '12 at 18:12

8

this works for me :

    <identity>
      <certificateReference storeName="My" storeLocation="LocalMachine"  x509FindType="FindBySubjectName" findValue="xxxxxxxx" />
      <dns value="localhost" />
    </identity>

answered Oct 15 '12 at 18:12

Rally

81
1
1

score 1 · Answer 3 · answered Sep 11 '09 at 15:36

Here's a tutorial explaining how to create a certificate that is supposed to remedy this problem:

Codeplex WCF Security: How To Create and Install Temporary Certificates in WCF for Message Security During Development.

Hope that fixes what you needed - even though you asked this 6+ months ago!

Regards, Joe

score 0 · Answer 4 · answered Sep 06 '13 at 11:04

I'm new to WCF and ran into this issue today when creating a simple WCF service. Just want to share some thoughts:

1. Fixing the issue - If you've read all other answers before Joe's (above) you'd know how to fix the issue ;) without the certificates

2. Fixing the issue with Certificates - I want to thank Joe for sharing a great link "How To: Create and Install Temporary Certificates in WCF for Message Security During Development"

Additionally: You can download WCF samples from Microsoft website.. You'll find a tool called 'FindPrivateKey' used in the above link

score 0 · Answer 5 · answered Jan 28 '11 at 03:09

0

Does your certificate common name match your host domain name?

answered Jan 28 '11 at 03:09

Yuan

2,690
4
26
38

"Cannot load the X.509 certificate identity specified in the configuration"

5 Answers5

Linked