WCF客户端自签名证书
[英]WCF client self-signed certificate
问题描述
I want to enable https for my WCF service and limit usage to only 1 client using client certificate. 
我想为我的WCF服务启用https,并将使用客户端证书的使用限制为仅1个客户端。
Can I generate self-signed client certificate and give it to the only client protected with password? 我可以生成自签名客户端证书并将其授予受密码保护的唯一客户端吗? and enable wcf to accept only that certificate? 并启用wcf以仅接受该证书?
I don't want my client to use certificate provided by some CA, instead I want to give it's system my own generated one. 我不希望我的客户使用某些CA提供的证书,而是我想给它一个由我自己生成的证书的系统。
EDIT : 编辑 :
As far as I've pointed, client certificates can be used for authentication because of Public/Private key architecture, Client has private key and encrypts data with it, server has it's public key and tries to decrypt data with it,( in RSA a data encrypted with private key can only decrypted with corresponding public key,) so if decryption succeeds server knows it was sent by particular client. 据我所指出的,由于公共/专用密钥体系结构,客户端证书可用于身份验证,客户端具有私钥并使用其加密数据,服务器具有公钥并尝试使用其解密数据,(在RSA中用私钥加密的数据只能用相应的公钥解密),因此如果解密成功,服务器就会知道它是由特定客户端发送的。
2 个解决方案
解决方案1
2 2013-07-17 03:38:23
You can do that by configuring your service over two separate end points one secured (with certificate) and one without certificate. 您可以通过在两个单独的端点上配置服务来实现此目的,一个是安全的(带有证书),另一个是没有证书的端点。 Check this post for general understanding (not specific to WCF) over Self signed certificate vs CA certificate - Self-signed SSL Cert or CA? 通过自签名证书与CA证书,查看此帖子以了解一般知识(不特定于WCF)- 自签名SSL证书还是CA?
解决方案2
0 2013-07-26 07:21:23
The complexity of this tutorial is one of the many examples that drove me away from WCF: http://msdn.microsoft.com/en-us/library/windowsazure/hh289316.aspx 本教程的复杂性是使我远离WCF的众多示例之一: http : //msdn.microsoft.com/zh-cn/library/windowsazure/hh289316.aspx
Alternatively, you can setup something similar in other frameworks with much less code :) 另外,您可以用更少的代码在其他框架中设置类似的东西:)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.