The inner exception is a much better source for this error message. The underlying message was
The NetworkCredentials provided were unable to create a Kerberos credential, see inner execption for details.
And from this exception the inner one’s detail was
InitializeSecurityContent failed. Ensure the service principal name is correct.
Adding clientCredentialType="None" solve this problem… by default it’s not None, but “Windows” which is relying on Kerberos.
<message clientCredentialType="None" negotiateServiceCredential="false" establishSecurityContext="false" />
Then,
I had the problem
The service certificate is not provided for target 'http://localhost:10000/Service1.svc'. Specify a service certificate in ClientCredentials.
So I found
this post on StackOverflow and remove everything under security to add only the mode to the security node to None.
<security mode="None"/>