"Cannot load the X.509 certificate identity specified in the configuration"

I transfered a workking WCF service from my development environment to the QA environment, including the certificates (Root Authority, Root Auth revocation list, Service certificate - including its PK).

Afterward I located the private key usihg 'FindPrivateKey' and gave all the relavent accounts full permissions to access the private key file at the file system level.

My app crashes with a Unhandled Exception: System.InvalidOperationException: Cannot load the X.509 certificate identity specified in the configuration.

I am stumped, I think I covered everything, but obviously not...

I have tried this on a Windows Service Host as well as a Console App Host. Same issue.


I ran into this same error in a simple WFC service written with VS2010 SP1 on Win 7. The fix that I found was to add

<dns value="localhost" />

to the <identity> section of app.config

Source: http://social.msdn.microsoft.com/Forums/en-AU/wcf/thread/439539ef-e8d7-4e7d-b36e-b80acd401606

this works for me :

      <certificateReference storeName="My" storeLocation="LocalMachine"  x509FindType="FindBySubjectName" findValue="xxxxxxxx" />
      <dns value="localhost" />

Here's a tutorial explaining how to create a certificate that is supposed to remedy this problem:

Codeplex WCF Security: How To Create and Install Temporary Certificates in WCF for Message Security During Development.

Hope that fixes what you needed - even though you asked this 6+ months ago!

Regards, Joe

Does your certificate common name match your host domain name?

I'm new to WCF and ran into this issue today when creating a simple WCF service. Just want to share some thoughts:

1. Fixing the issue - If you've read all other answers before Joe's (above) you'd know how to fix the issue ;) without the certificates

2. Fixing the issue with Certificates - I want to thank Joe for sharing a great link "How To: Create and Install Temporary Certificates in WCF for Message Security During Development"

Additionally: You can download WCF samples from Microsoft website.. You'll find a tool called 'FindPrivateKey' used in the above link

Need Your Help

How do I force make/gcc to show me the commands?

gcc makefile verbosity

I'm trying to debug a compilation problem but I cannot seem to get GCC (or maybe it is make??) to show me the actual compiler and linker commands it is executing. Here is the output I am seeing:

How to Remove '\0' from a string in C#?


I would like to know how to remove '\0' from a string. This may be very simple but it's not for me since I'm a new C# developer.