I have a standalone Windows Server 2012 R2 instance (which happens to be in a VM hosted in Azure) where I have installed Service Bus 1.1, with the intent to have it managed via an Azure Pack setup. Additionally, I have created a self-signed CA cert and self-signed cert that I have in place on my server and exported/imported to my client machine. From a simple C# client, I am attempting to connect, create a queue, write to the queue, and read from the queue, but I cannot get past the initial connection.
The connection string in my app.config looks like this (where <vm> stands for the actual host name and <myNS> stands for my actual namespace; also, I have mapped the 8xxx endpoints on the VM into the actual 9xxx ports):
Endpoint=sb://<vm>.cloudapp.net/<myNS>;StsEndpoint=https://<vm>.cloudapp.net:8355/<myNS>;RuntimePort=8354;ManagementPort=8355;WindowsUsername=ServiceBusUser;WindowsDomain=<vm>;WindowsPassword=<password>
The user is a local user that has membership in the Administrators group. When I run the app using this connection string, I receive:
{"The token provider was unable to provide a security token while accessing 'https://<vm>.cloudapp.net:8355/<myNS>/$STS/Windows/';. Token provider returned message: ''."}
The nested InnerException is: "The remote server returned an error: (401) Unauthorized."
I have tried several different credentials and consistently end up with the 401. Alternatively, I have tried using SAS instead, but am sorting out a configuration exception that is thrown as the underlying library can't seem to parse the connection string correctly. I've searched quite a bit, but have only found information on authentication in forum and blog posts (perhaps I missed some msdn docs?). Is there a specific setup for a standalone server in regards to authentication for service clients?
Please remember to mark replies as answers if they help you.