Search code examples
c#web-serviceswcfwcf-securityws-security

WCF service works when going through Fiddler, but partially fails with "Could not establish secure channel for SSL/TLS with authority" error without

We are connecting to a third party web service, which we believe to built with old Java technology.

We connect to it via WCF. We had an issue getting it working which we solved in a related question.

The setup

The remote service has two types of call:

  • One that just has input fields
  • One that uses ws-security header too

Both are encryped on https.

The problem

If we use Fiddler as a man-in-the-middle to inspect the encrypted traffic, all works.

Without fiddler (Removing the fiddler certificates etc etc) the following happens:

  • Normal calls work (Yay!)
  • Calls with ws-security headers fail with "Could not establish secure channel for SSL/TLS with authority" error

We have tried playing with firewalls, restarting, uninstalling fiddler, wireshark etc etc but nothing is working.

Does anyone out there have any ideas of what we can try next.

Solution

  • Using wireshark we found a record with "Certificates Length: 0"

    Googling that came up with the following link.

    https://stackoverflow.com/a/4127130/3771616

    The problem was caused by:

    In app.config the custom binding had an empty httpsTransport tag. I changed this to:

    <httpsTransport requireClientCertificate="true" />