Sending client certificate via WCF causes an error: "The HTTP request was forbidden with client authentication scheme 'Anonymous'"

I have an IIS ASP.NET service that needs to make calls to another IIS service via WCF https, where the other service requires a client certificate.

Following this guide, I have added the following code (on the source side):

  // Transport (HTTPS) security with an X.509 client certificate
  WSHttpBinding binding = new WSHttpBinding();
  binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
  binding.Security.Mode = SecurityMode.Transport;

  m_wcfProxy = new IISSecurityServices.SecurityServiceClient();
  m_wcfProxy.Endpoint.Binding = binding;
  m_wcfProxy.Endpoint.Address = new EndpointAddress(m_wcfProxyEndpointAddress);
  // Client certificate loaded from a file
  m_wcfProxy.ClientCredentials.ClientCertificate.Certificate = new X509Certificate2("D:\\0\\SslClientCert.cer");

The only difference above is that I am loading the certificate (which is the same certificate used by the target service) from a file.

Now, when I make a call, I get the following error:

The HTTP request was forbidden with client authentication scheme 'Anonymous'

I can't see what I have missed here. Why is this not working for me?



Solution 1:[1]

Pay attention to this paragraph of that article.

In this scenario, the service is hosted under Internet Information Services (IIS) which is configured with Secure Sockets Layer (SSL). The service is configured with an SSL (X.509) certificate to allow clients to verify the identity of the server. The client is also configured with an X.509 certificate that allows the service to verify the identity of the client. The server’s certificate must be trusted by the client and the client’s certificate must be trusted by the server.

On the server side, hosting WCF with transport security requires an HTTPS binding in the IIS site binding module, namely, bind a certificate to the port, then expose the service with this port. Besides, please note that we should establish the trust relationship between the server side and the client side, that is, install each other’s certificate in the Trusted Root Certification Authorities locally if you are using a self-signed certificate.
Feel free to let me know if the problem still exists.
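
A preflight check for a client certificate in this scenario, added here as an example and not part of the question or the answer: it reports whether the loaded certificate has a private key (needed to authenticate in the TLS handshake) and whether its chain is trusted on the machine running the check. The class name, the `Check` helper and the `CN=constructed-test-client` certificate are constructed for illustration; `CertificateRequest` and `RSA.Create(int)` need .NET Framework 4.7.2 or later, or .NET Core 2.0 or later.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class ClientCertPreflight
{
    // Returns "ok" or the first reason this machine would not use or trust the certificate.
    static string Check(X509Certificate2 cert)
    {
        // TLS client authentication signs part of the handshake, so the client
        // needs the private key. A .cer file carries only the public certificate.
        if (!cert.HasPrivateKey)
            return "no private key";

        using (var chain = new X509Chain())
        {
            chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck; // keep the check offline
            if (!chain.Build(cert))
                return "chain not trusted here: " +
                       string.Join(", ", chain.ChainStatus.Select(s => s.Status));
        }
        return "ok";
    }

    static void Main()
    {
        using (var rsa = RSA.Create(2048))
        {
            // Constructed self-signed certificate, generated in memory (sample input).
            var request = new CertificateRequest("CN=constructed-test-client", rsa,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            var notBefore = DateTimeOffset.UtcNow.AddDays(-1);
            using (var withKey = request.CreateSelfSigned(notBefore, notBefore.AddDays(30)))
            // Re-import only the public part, which is what a .cer export contains.
            using (var publicOnly = new X509Certificate2(withKey.Export(X509ContentType.Cert)))
            {
                Console.WriteLine("public-only: " + Check(publicOnly));
                Console.WriteLine("with key:    " + Check(withKey));
            }
        }
    }
}
```

`X509Chain.Build` reflects the trust stores of the machine and account it runs under, so run the chain check on the server with the client's certificate, and on the client with the server's certificate.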

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Abraham Qian