WCF service cannot access personal certificate store if service account is not registered

I created a WCF service that has a method that makes a SOAP web service call over the Internet.

To call the SOAP web service, an X.509 certificate must be sent using HttpWebRequest.

X.509 certificates are uploaded to the personal and trusted certificate store of the account in which the service is running.

When a service account is registered on the server, everything is working fine.

However, when the service account is not physically registered on the server, it has problems downloading the X.509 certificate, and authentication fails when trying to do the HttpWebRequest.

I am new to WCF services, so I don’t even know where to start.

Can anyone help? Thanks.

+3
2 answers

The problem was that the application pool did not load the default user account profile of the service.

You need to go to advanced application pool settings and set LoadUserProfile to true.

+5

You need to install the client certificate in the local store and access it from there, since your account is not interactive from the point of view of your application. You also have access to the client certificate for the user account that is used to start the WCF service.

Similar to http://support.microsoft.com/kb/901183

+2
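
The machine-store approach from the second answer, as an added example that is not code from the original posts: it loads the client certificate from `LocalMachine\My`, checks that the service account can actually open the private key, and attaches the certificate to the `HttpWebRequest`. The class name, thumbprint and URL are constructed placeholders, and the code assumes an RSA key and .NET Framework 4.6 or later.

```csharp
using System;
using System.Net;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class MachineStoreClientCert   // hypothetical name, for illustration
{
    // Constructed placeholders: substitute the real thumbprint and endpoint.
    const string Thumbprint = "0000000000000000000000000000000000000000";
    const string ServiceUrl = "https://soap.example.invalid/service";

    static X509Certificate2 Load(string thumbprint)
    {
        // LocalMachine\My is readable without a loaded user profile,
        // unlike CurrentUser\My, which lives in the account's profile.
        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            var found = store.Certificates.Find(
                X509FindType.FindByThumbprint, thumbprint, false);
            if (found.Count == 0)
                throw new InvalidOperationException("Certificate not in LocalMachine\\My.");
            var cert = found[0];
            if (!cert.HasPrivateKey)
                throw new InvalidOperationException("Certificate has no private key.");
            // HasPrivateKey can be true even when the key's ACL denies this
            // account; opening the key surfaces that before the TLS handshake.
            using (cert.GetRSAPrivateKey()) { }
            return cert;
        }
        catch (CryptographicException ex)
        {
            throw new InvalidOperationException(
                "Service account cannot read the private key; grant it read access.", ex);
        }
        finally { store.Close(); }
    }

    static void Main()
    {
        var request = (HttpWebRequest)WebRequest.Create(ServiceUrl);
        request.ClientCertificates.Add(Load(Thumbprint));
        using (var response = (HttpWebResponse)request.GetResponse())
            Console.WriteLine((int)response.StatusCode);
    }
}
```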

Source: https://habr.com/ru/post/1762736/

