Cryptic WCF error messages (part 2 of N)

We continue our journey in WCF error messages. Today’s error is actually somehow related to the first cryptic WCF error message. The use case here again includes X.509 certificates. This time we are just using xml digital signature without encryption. When we run our client we get the following error:

Cannot resolve KeyInfo for verifying signature: KeyInfo 'SecurityKeyIdentifier
(
IsReadOnly = False,
Count = 1,
Clause[0] = X509IssuerSerialKeyIdentifierClause(Issuer = 'CN=Root Agency', Serial = '-52580476043899823005482728065021010894')
)
', available tokens 'SecurityTokenResolver
(
TokenCount = 1,
TokenEntry[0] = (AllowedReferenceStyle=External, Token=System.IdentityModel.Tokens.X509SecurityToken, Parameters=System.ServiceModel.Security.Tokens.X509SecurityTokenParameters:
InclusionMode: Never
ReferenceStyle: Internal
RequireDerivedKeys: False
X509ReferenceStyle: Any)
)
'.

Since we already know how to configure wcf tracing we did just that on the server. Surprisingly enough the trace contained no error! Furthermore, the message logs in the server shows that the server got a valid request and even sent the correct response. Hmmm…
The next step is to configure tracing and logging at the client. The logging seems fine and the trace log shows us the same exception “Cannot resolve KeyInfo…”.

What happened is exactly the same as with last time: The client and the server are not using matching X.509 certificates. As suggested there, you should verify the correctness of the X.509 references in web/app.config. If that doesn't help - remove and reinstall the relevant certificates from the windows certificate store.

What's next? get this blog rss updates or register for mail updates!