问题
I transfered a workking WCF service from my development environment to the QA environment, including the certificates (Root Authority, Root Auth revocation list, Service certificate - including its PK).
Afterward I located the private key usihg 'FindPrivateKey' and gave all the relavent accounts full permissions to access the private key file at the file system level.
My app crashes with a Unhandled Exception: System.InvalidOperationException: Cannot load the X.509 certificate identity specified in the configuration.
I am stumped, I think I covered everything, but obviously not...
I have tried this on a Windows Service Host as well as a Console App Host. Same issue.
回答1:
I ran into this same error in a simple WFC service written with VS2010 SP1 on Win 7. The fix that I found was to add
<dns value="localhost" />
to the <identity> section of app.config
Source: http://social.msdn.microsoft.com/Forums/en-AU/wcf/thread/439539ef-e8d7-4e7d-b36e-b80acd401606
回答2:
this works for me :
<identity>
<certificateReference storeName="My" storeLocation="LocalMachine" x509FindType="FindBySubjectName" findValue="xxxxxxxx" />
<dns value="localhost" />
</identity>
回答3:
Here's a tutorial explaining how to create a certificate that is supposed to remedy this problem:
Codeplex WCF Security: How To Create and Install Temporary Certificates in WCF for Message Security During Development.
Hope that fixes what you needed - even though you asked this 6+ months ago!
Regards, Joe
回答4:
Does your certificate common name match your host domain name?
回答5:
I'm new to WCF and ran into this issue today when creating a simple WCF service. Just want to share some thoughts:
1. Fixing the issue - If you've read all other answers before Joe's (above) you'd know how to fix the issue ;) without the certificates
2. Fixing the issue with Certificates - I want to thank Joe for sharing a great link "How To: Create and Install Temporary Certificates in WCF for Message Security During Development"
Additionally: You can download WCF samples from Microsoft website.. You'll find a tool called 'FindPrivateKey' used in the above link
来源:https://stackoverflow.com/questions/530342/cannot-load-the-x-509-certificate-identity-specified-in-the-configuration