IT Blog

Cannot load the X.509 certificate identity specified in the configuration

by on Mar.03, 2011, under Microsoft

You have a WCF application and trying to run it but it would not start.
In application event log you see Error event logged with Event ID 0:
2011-02-02 13:46:52 [(null)] [ApplicationName] [FATAL] –
— Exception data associated with the Log entry —System.InvalidOperationException: Cannot load the X.509 certificate identity specified in the configuration.
at System.ServiceModel.Description.ConfigLoader.LoadIdentity(IdentityElement element)
at System.ServiceModel.Description.ConfigLoader.LoadChannelBehaviors(ServiceEndpoint serviceEndpoint, String configurationName)
at System.ServiceModel.ChannelFactory.InitializeEndpoint(String configurationName, EndpointAddress address)
at System.ServiceModel.ChannelFactory`1..ctor(String endpointConfigurationName, EndpointAddress remoteAddress)
at System.ServiceModel.ChannelFactory`1..ctor(String endpointConfigurationName)
at System.ServiceModel.EndpointTrait`1.CreateSimplexFactory()
at System.ServiceModel.EndpointTrait`1.CreateChannelFactory()
at System.ServiceModel.ClientBase`1.CreateChannelFactoryRef(EndpointTrait`1 endpointTrait)
at System.ServiceModel.ClientBase`1.InitializeChannelFactoryRef()
at System.ServiceModel.ClientBase`1..ctor()

Obviously the problem is with the certificate but the question is which one.
If application was developed by someone else it might be the case that developers were using certificates that don’t exist on your system, so you need to identify them.
WCF applications come with config file which are plain text. Usually they are in the same location as the application itself but with config extension. So if your WCF application name is ApplicationName.exethe config file should be ApplicationName.exe.config.

Open that file in notepad and look for <identity>
If the application is looking for the certificate or certificates then you should see something like:
<certificateReference storeName=”My” storeLocation=”LocalMachine” x509FindType=”FindBySubjectName” findValue=”*.certificate.local”/>
In this line the certificate that the application is looking is called *.certificate.local. There might be more than one line like this but with different certificate names. Open management console and see if that certificate or certificates exists on your computer and are valid. If the certificate is not on the computer there are 2 posible option that you can try:
First: locate and install the missing certificate
Second: delete the line in the config file that is looking for the certificate. When deleting toy need to delete not only that one line but also <identity>before and </identity> after the line.

Also you could try to change the name of the certificate in config file to the one that exists on your system and is valid but I have not tried this option.


Leave a Reply