I'm trying to follow along with the demo videos on the beginners to WCF page on MSDN.
The first video worked more or less fine. I'm now towards the end of the second video. I am using VS2010 / .NET 4.0, whereas the video seems to be using VS2008 (I'm assuming .NET 3.5, but I don't recall).
We've just added 3 more end points: a plain http, net.tcp, and net.pipe. When I try to run the project now the Web service fails to start.
System.InvalidOperationException: Cannot load the X.509 certificate identity specified in the configuration.
at System.ServiceModel.Description.ConfigLoader.LoadIdentity(IdentityElement element)
at System.ServiceModel.Description.ConfigLoader.LoadServiceDescription(ServiceHostBase host, ServiceDescription description, ServiceElement serviceElement, Action`1 addBaseAddress)
at System.ServiceModel.ServiceHostBase.LoadConfigurationSectionInternal(ConfigLoader configLoader, ServiceDescription description, ServiceElement serviceSection)
at System.ServiceModel.ServiceHostBase.LoadConfigurationSectionInternal(ConfigLoader configLoader, ServiceDescription description, String configurationName)
at System.ServiceModel.ServiceHostBase.ApplyConfiguration()
at System.ServiceModel.ServiceHostBase.InitializeDescription(UriSchemeKeyedCollection baseAddresses)
at System.ServiceModel.ServiceHost.InitializeDescription(Type serviceType, UriSchemeKeyedCollection baseAddresses)
at System.ServiceModel.ServiceHost..ctor(Type serviceType, Uri[] baseAddresses)
at Microsoft.Tools.SvcHost.ServiceHostHelper.CreateServiceHost(Type type, ServiceKind kind)
at Microsoft.Tools.SvcHost.ServiceHostHelper.OpenService(ServiceInfo info)
Based on my Google fu, I came across this thread: "Cannot load the X.509 certificate identity specified in the configuration"
I really didn't want to get involved in certificates just yet since I'm still just experimenting with the basics so I followed the advice in that post and just added the <dns value="localhost" /> tag. The exception changes:
Please try changing the HTTP port to 8732 or running as Administrator.
System.ServiceModel.AddressAccessDeniedException: HTTP could not register URL http://+:8080/EvalService/. Your process does not have access rights to this namespace (see http://go.microsoft.com/fwlink/?LinkId=70353 for details). ---> System.Net.HttpListenerException: Access is denied
at System.Net.HttpListener.AddAllPrefixes()
at System.Net.HttpListener.Start()
at System.ServiceModel.Channels.SharedHttpTransportManager.OnOpen()
--- End of inner exception stack trace ---
at System.ServiceModel.Channels.SharedHttpTransportManager.OnOpen()
at System.ServiceModel.Channels.TransportManager.Open(TransportChannelListener channelListener)
at System.ServiceModel.Channels.TransportManagerContainer.Open(SelectTransportManagersCallback selectTransportManagerCallback)
at System.ServiceModel.Channels.TransportChannelListener.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.HttpChannelListener.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.DatagramChannelDemuxer`2.OnOuterListenerOpen(ChannelDemuxerFilter filter, IChannelListener listener, TimeSpan timeout)
at System.ServiceModel.Channels.SingletonChannelListener`3.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Security.NegotiationTokenAuthenticator`1.OnOpen(TimeSpan timeout)
at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Security.CommunicationObjectSecurityTokenAuthenticator.Open(TimeSpan timeout)
at System.ServiceModel.Security.SecurityUtils.OpenCommunicationObject(ICommunicationObject obj, TimeSpan timeout)
at System.ServiceModel.Security.SecurityUtils.OpenTokenAuthenticatorIfRequired(SecurityTokenAuthenticator tokenAuthenticator, TimeSpan timeout)
at System.ServiceModel.Security.SecurityProtocolFactory.Open(String propertyName, Boolean requiredForForwardDirection, SecurityTokenAuthenticator authenticator, TimeSpan timeout)
at System.ServiceModel.Security.SymmetricSecurityProtocolFactory.OnOpen(TimeSpan timeout)
at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Security.SecurityProtocolFactory.Open(Boolean actAsInitiator, TimeSpan timeout)
at System.ServiceModel.Security.SecurityListenerSettingsLifetimeManager.Open(TimeSpan timeout)
at System.ServiceModel.Channels.SecurityChannelListener`1.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Security.SecuritySessionSecurityTokenAuthenticator.OnOpen(TimeSpan timeout)
at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Security.CommunicationObjectSecurityTokenAuthenticator.Open(TimeSpan timeout)
at System.ServiceModel.Security.SecurityUtils.OpenCommunicationObject(ICommunicationObject obj, TimeSpan timeout)
at System.ServiceModel.Security.SecurityUtils.OpenTokenAuthenticatorIfRequired(SecurityTokenAuthenticator tokenAuthenticator, TimeSpan timeout)
at System.ServiceModel.Security.SecuritySessionServerSettings.OnOpen(TimeSpan timeout)
at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Security.SecuritySessionServerSettings.Open(TimeSpan timeout)
at System.ServiceModel.Security.SecurityListenerSettingsLifetimeManager.Open(TimeSpan timeout)
at System.ServiceModel.Channels.SecurityChannelListener`1.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open()
at Microsoft.Tools.SvcHost.ServiceHostHelper.OpenService(ServiceInfo info)
System.Net.HttpListenerException (0x80004005): Access is denied
at System.Net.HttpListener.AddAllPrefixes()
at System.Net.HttpListener.Start()
at System.ServiceModel.Channels.SharedHttpTransportManager.OnOpen()
So, I tried doing what it said: changing the port to be 8732, but the exception is still thrown, this time saying Please try changing the HTTP port to 8732...HTTP could not register URL http://+:8732/EvalService/.... :P
I've tried commenting out the new end points to no avail. Even the original ones fail with this error. Doesn't matter either if I put them back to the original port [not so] 1337.
Here's the App.config, and nothing stands out as problematic:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<compilation debug="true" />
</system.web>
<system.serviceModel>
<services>
<service name="EvalServiceLibrary.EvalService">
<clear />
<endpoint address="ws" binding="wsHttpBinding" contract="EvalServiceLibrary.IEvalService"
listenUriMode="Explicit">
<identity>
<dns value="localhost" />
<certificateReference storeName="My" storeLocation="LocalMachine"
x509FindType="FindBySubjectDistinguishedName" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"
listenUriMode="Explicit">
<identity>
<dns value="localhost" />
<certificateReference storeName="My" storeLocation="LocalMachine"
x509FindType="FindBySubjectDistinguishedName" />
</identity>
</endpoint>
<endpoint address="basic" binding="basicHttpBinding" contract="EvalServiceLibrary.IEvalService"
listenUriMode="Explicit">
<identity>
<dns value="localhost" />
<certificateReference storeName="My" storeLocation="LocalMachine"
x509FindType="FindBySubjectDistinguishedName" />
</identity>
</endpoint>
<endpoint address="net.tcp://localhost:8888/EvalService" binding="netTcpBinding"
contract="EvalServiceLibrary.IEvalService" listenUriMode="Explicit">
<identity>
<dns value="localhost" />
<certificateReference storeName="My" storeLocation="LocalMachine"
x509FindType="FindBySubjectDistinguishedName" />
</identity>
</endpoint>
<endpoint address="net.pipe://localhost/EvalService" binding="netNamedPipeBinding"
bindingConfiguration="" contract="EvalServiceLibrary.IEvalService" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:8080/EvalService" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="True"/>
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
What is wrong / how do I fix it?
A seemingly working solution for the latter of the two problems above (the HTTP could not register URL one) can be found in the VS2010 Training Kit posted in the comments of Gabobcat's answer (by him).
In the 4th exercise, "Ex4-ServiceDiscovery", you are given what appears to be a chat application that uses WCF services to communicate between two clients. It uses a discovery feature to find peers on the network. Long story short, the same exception occurs when you initially try running the completed application (after filling in the discovery events as laid out in the exercise). Bundled with the Training Kit is a couple of batch scripts (which AFAICT uses Microsoft's "open source" license so I should be able to share these scripts) to set or delete "URL ACLs". In practice, they appear to only be a single (useful) command:
File: AddURLACL.cmd
@Echo Off
@Echo Grant permissions for URL reservation
@Echo Parameter 1 "%1" == port
@Echo Parameter 2 "%2" == URL
pause
netsh http add urlacl url=http://+:%1/%2 user=%USERDOMAIN%\%USERNAME%
File: DelURLACL.cmd
@Echo Off
@Echo Deletes permissions for URL reservation
@Echo Parameter 1 "%1" == port
@Echo Parameter 2 "%2" == URL
pause
netsh http delete urlacl url=http://+:%1/%2
Obviously, the netsh commands are the only ones that matter. The example project has you use the following command (from a "Run as Administrator" Command Prompt window) to "fix" this exception:
C:\VS2010TrainingKit\Labs\WhatsNewInWCF4\Source\Setup\AddURLACL.cmd 8000
(I used the absolute path just to show you where in the Training Kit you could find these scripts; personally I was in the WhatsNewInWCF4\Source directory when I did this)
The string 8000 only occurs 1 time throughout this project:
C:\VS2010TrainingKit\Labs\WhatsNewInWCF4\Source\Ex4-ServiceDiscovery\Begin\C#>findstr /n /s "8000" *
DiscoveryChat\SimpleChat.cs:376: this.localAddress = new Uri("http://localhost:8000/" + Guid.NewGuid().ToString());
It appears that port 8000 is the port that the chat clients are trying to launch a service host on (don't ask me how they all share it...I assume that the ServiceHost class they use is intelligent enough to reuse an existing service...).
I haven't experimented thoroughly with this yet, but it seems to have "fixed" my EvalService project (when I changed the port to 8000). That is currently with most endpoints removed (only the basicHttpBinding endpoint left) and the baseAddress set to localhost:8000.
Let me know if this works for you too.