WCF Client Inner Exception: "The Security Support Provider Interface (SSPI) negotiation failed."


Creating a WCF Client in Visual Studio 2010, I struggled with this error.  I was running as the currently logged on user and the service was as well so this made no sense to me.  I found that this entry in the client app.config was the culprit:

<identity>
<userPrincipalName value="MYDOMAIN\MyUsername" />
</identity>

Simply deleting these 3 lines allowed me to test the client.

Let me know if this helped you!


Comments (23)

  1. Pramod Desai says:

    Thanks

    it helped a lot, after searching for an hour

  2. baba says:

    yes same error and it helped

  3. Chinese says:

    Thank you vary much!!!

  4. Well it did the trick… not sure how and why. But thanks!

  5. Michi says:

    Cool thanks, helped a lot 🙂

  6. Yaniv says:

    Thank you very much. It helped.

  7. Hendra Pratama says:

    Yes, great… Thanks. Do you have more details explanation about this problem?

  8. Jeff Sanders says:

    Yes.  You want to run in the context of the service not a particular user.

  9. dar3d says:

    You bet it did and saved me a lot of time. Thank you so much 🙂

  10. Akshay says:

    Thanks! It helped 🙂

  11. Alex says:

    Thank you! I didn't even see those 3 lines.

  12. Vibhu says:

    Thanks.. it really saved lot of time

  13. Andrew R says:

    Thanks, its my issue as well 🙂

  14. WCF learner says:

    you have saved my time man.. Thanks

  15. It worked like a charm after the alteration you suggested. Thanks buddy!

  16. Fred Bloggs says:

    Thanks that got my test application working but I was determined to make it work with those three lines left in.

    So this is what I did (on Windows 7 Pro logged on as a domain user));

    1) I needed to find out what my User Principal Name (UPN) was. A bit of Googling gave me this gem. Open a cmd prompt and run;

    whoami /upn

    This gave me; fred.bloggs@xyz.com

    2) But I'd also read that I needed to prefix this with my domain name. I ran whoami again without the /upn switch;

    That gave me xyzfred.bloggs, so my domain is xyz.

    So putting it all together;

    <identity>

        <userPrincipalName value="xyzfred.bloggs@xyz.com />

    </identity>

    It works!!

    Hope that helps someone out 🙂

    1. kwhitefoot says:

      Hmm. Doesn’t work for me. 🙁

  17. Ak says:

    Thanks Fred. It worked for me 🙂

  18. JM says:

    Great!!! It works!! Thank you..

  19. gitere says:

    thanks alot

  20. Murali Mohan Parvatha says:

    Simple trick saved my time 🙂
    Thanks for the post

  21. kwhitefoot says:

    Thank you for posting this. It worked for me and reduced my blood pressure! There are several bugs in the MS tutorial on WCF and failing to mention this is one of them. I followed the tutorial using VS 2017 15/6/1, Framework 4.7.02556.

    As Hendra Pratama says: do you or anyone else have any more details about this?

Skip to main content