WCF Service Unable to Access Personal Certificate Store Unless Service Account is Logged In
I created a WCF service that has a method which makes a call to a SOAP web service over the internet.
In order to make a call to the SOAP web service, it requires that an X.509 certificate be sen开发者_StackOverflowt with the HttpWebRequest.
The X.509 certificates are loaded in the Personal and Trusted Certificate store of the account which the service is running under.
When the service account is logged into the server, everything works just fine.
However, when the service account is not physically logged onto the server, it has problems loading up the X.509 certificate and fails authentication when trying to make the HttpWebRequest.
I am new to WCF services so I don't even know where to start looking.
Can anyone help? Thanks.
The problem was that the app pool doesn't load the user profile of the service account by default.
You have to go to the advanced settings for the app pool and set LoadUserProfile to true.
You need to install client certificate to the local machine store and access it from there, since your account is not interactive from your application standpoint. Also you have grant access to the client certificate for the user account that is used to run your WCF service.
Similar to http://support.microsoft.com/kb/901183
精彩评论