3

I've been ask by the programming department to test deploying one of their app. For all I know about the app, is that it's a webservice wcf code c# for a wpf app. They did tell me that they did try to put the certificate directly in the webservice (to avoid the pain in the ass to register ssl certificate and save them in each client app).

So far no problem with me. But there the little trick.

I've been trying to deploy the thing in localhost (to be sure about the process to do it), and everything is good (did get the success svc loading page with this message ):

blabla success

svcutil.exe http://###deployment.eslan2.local/Service###.svc?wsdl

C#

class Test
{
    static void Main()
    {
       //how to blabla
       client.Close();
    }
}

but when I try to deploy the webservice on my IIS webserver (ws2K8R2 with IIS7.5), i get this nasty and not really helpfull error message :

Server Error in '/' Application.
The specified network password is not correct.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Security.Cryptography.CryptographicException: The specified network password is not correct.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:


[CryptographicException: The specified network password is not correct.]
   System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr) +41
   System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromBlob(Byte[] rawData, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx) +0
   System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromBlob(Byte[] rawData, Object password, X509KeyStorageFlags keyStorageFlags) +335
   System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData) +101
   Effect.ServiceModel.ServiceBehaviorHandlerAttribute.ApplyDispatchBehavior(ServiceDescription serviceDescription, ServiceHostBase serviceHostBase) +623

[ServiceModelException: An error occurs during service management.]
   Effect.ServiceModel.ServiceBehaviorHandlerAttribute.ApplyDispatchBehavior(ServiceDescription serviceDescription, ServiceHostBase serviceHostBase) +1782
   System.ServiceModel.Description.DispatcherBuilder.InitializeServiceHost(ServiceDescription description, ServiceHostBase serviceHost) +3565
   System.ServiceModel.ServiceHostBase.InitializeRuntime() +82
   System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout) +64
   System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) +789
   System.ServiceModel.HostingManager.ActivateService(String normalizedVirtualPath) +287
   System.ServiceModel.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath) +1132

I've spent 3 days looking around the net to find an answer, but nothing valuable so far.

I've been thinking it's not from my server but the code that error came from.

John Saunders
  • 425
  • 7
  • 22
Anarko_Bizounours
  • 976
  • 8
  • 20

1 Answers1

1

It's a pretty helpful error message actually.

Essentially the application is not starting because a "password" is not correct. However, password is the confusing part because this is most likely a certificate thumbprint and not a true password. The first stack trace points to the .NET crypto provider that is trying to read a X509 certificate.

It would appear that your web service is configured to use certificates for authentication. Potentially between the server and client, that I can't be sure of. Regardless it looks like you need to take a look and see if there is in fact a certificate in use on your development environment. Its possible this certificate is not trusted on your production box or is not properly loaded.

That's where I would start and go from there. Its hard to know exactly what you are attempting to do or what your code is doing. Overall though it looks to be an application setup issue, which this site may be minimally helpful in resolving. If it doesn't end up being a cert you may want to ask a moderator to migrate the question to StackOverflow where you may get more precise WCF assistance.

Brent Pabst
  • 6,059
  • 2
  • 23
  • 36
  • Thanks, I've asked the programming department manager, and it seem that the webservice use a certificate for auth between the client and the server. Well, I know where to look but, is there a way to configure my server to trut the certificate? – Anarko_Bizounours Aug 20 '12 at 14:33
  • Sure, you can either trust whoever issues the cert, hopefully a CA and not just self-signed. Or simply load the cert into the trusted cert folder on the box. – Brent Pabst Aug 20 '12 at 14:59
  • I just tried that. Unfortunatly it's not working. So for now I'll tell the developping party to check the certificate issue in the compagnie framework. – Anarko_Bizounours Aug 20 '12 at 15:18
  • the developping department finally sent me the application code this morning, I as able to disable the certificate in the wcf application and now the webservice is correctly deployed. So the problem come from the code, I did tell them, now let's see if they're able to fix it. Thank you for your help. – Anarko_Bizounours Aug 21 '12 at 08:17
  • 1
    Cool... yea it sounded like a code/config issue. – Brent Pabst Aug 21 '12 at 15:05