2010
01.22

I was trying to set up a WCF net-tcp service on a test environment, but kept getting an error saying the certificate could not be found. The problem was down to a slight difference between the test certificates we were using locally, and the certificate we were given for the test environment. We’re using FindBySubjectDistinguishedName in the config.

The test certificate’s subject looked like this:

CN = TestCertName

Whereas the environment certificate’s subject looked like:

CN = CertName
OU = Company Ltd.
O = Company
L = Town
S = County
C = Country Code

All the examples I’ve seen just cover certificates with the CN part. This is straightforward to reference in the WCF config:

<serviceCredentials>
   <serviceCertificate
            storeLocation="LocalMachine"
            storeName="My"
            findValue="CN=TestCertName"
            x509FindType="FindBySubjectDistinguishedName" />
</serviceCredentials>

However, when the certificate subject has multiple parts (i.e. more than just CN), you need to put all of them in the findValue attribute. But how to separate them? I tried several characters – space, comma, semicolon, colon – none worked. The certificate could not be found! Finally I noticed that in the top part of the certificate’s properties window, the values are separated by a comma and a space. Unbelievably, this also applies to the config! How intuitive. So for the “CertName” certificate above, here’s how to reference it in the WCF config:

<serviceCredentials>
   <serviceCertificate
            storeLocation="LocalMachine"
            storeName="My"
            findValue="CN=CertName, OU=Company Ltd., O=Company, L=Town, S=County, C=Country Code"
            x509FindType="FindBySubjectDistinguishedName" />
</serviceCredentials>
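
To check a findValue before it goes into the config, the same lookup can be run against the store from PowerShell. This is an added example, not code from the original post; `$findValue` is the post's sample subject, and the script assumes read access to the LocalMachine\My store.

```powershell
# Added example: test a findValue against LocalMachine\My with the same find type the config names.
# $findValue is the sample subject from the post; replace it with the string under test.
$findValue = 'CN=CertName, OU=Company Ltd., O=Company, L=Town, S=County, C=Country Code'
$findType  = [System.Security.Cryptography.X509Certificates.X509FindType]::FindBySubjectDistinguishedName

$store = New-Object System.Security.Cryptography.X509Certificates.X509Store('My', 'LocalMachine')
$store.Open('ReadOnly')
try {
    # validOnly = $false so self-signed or expired test certificates are still returned.
    $found = $store.Certificates.Find($findType, $findValue, $false)

    if ($found.Count -eq 0) {
        Write-Warning "No certificate matches: $findValue"
        # List every subject exactly as the store reports it, and re-run the lookup
        # with that exact string, so a working findValue can be copied verbatim.
        foreach ($cert in $store.Certificates) {
            $hits = $store.Certificates.Find($findType, $cert.Subject, $false).Count
            [pscustomobject]@{
                Subject    = $cert.Subject
                Thumbprint = $cert.Thumbprint
                FindHits   = $hits   # 1 = this string selects exactly one certificate
            }
        }
    }
    elseif ($found.Count -gt 1) {
        # More than one certificate shares this subject: the findValue is ambiguous.
        Write-Warning "$($found.Count) certificates match; the subject does not identify one certificate."
        $found | Select-Object Subject, Thumbprint, NotAfter
    }
    else {
        # Exactly one match: confirm it is the intended certificate and has a private key.
        $found | Select-Object Subject, Thumbprint, NotAfter, HasPrivateKey
    }
}
finally {
    $store.Close()
}
```

A row with `FindHits` greater than 1 means several certificates in the store share that subject, so the thumbprint column is the way to tell them apart.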

1 comment so far

  1. Thanks a lot! Spent a couple of hours running around with no real explanation. This one is really good! You made my day :-)