[英]Could not establish trust relationship for the SSL/TLS secure channel with authority 'localhost' strange issue
Again strange issue to me. 再次给我一个奇怪的问题。
After I refocused my wcf from http to https, when I try to call .svc methods not from UI, I started to get this exception "Could not establish trust relationship for the SSL/TLS secure channel with authority 'localhost' issue". 将wcf从http调整为https之后,当我尝试不从UI调用.svc方法时,我开始收到此异常“无法为具有权限'localhost'问题的SSL / TLS安全通道建立信任关系”。 Also in InnerException I got this: "The remote certificate is invalid according to the validation procedure".
同样在InnerException中,我得到了这样的信息:“根据验证过程,远程证书无效。”
I have: 我有:
FunctionalApplicationBlock.InitializeWithShielding("BusinessServices Application");
if (Microsoft.WindowsAzure.CloudConfigurationManager.GetSetting("SkipServerCertificateValidation") == "true")
{
ServicePointManager.ServerCertificateValidationCallback = (snder, cert, chain, error) => true;
}
In Globasl.asax 在Globasl.asax中
I have: 我有:
<system.identityModel>
<identityConfiguration>
<certificateValidation certificateValidationMode="None"/>
</identityConfiguration>
</system.identityModel>
in Web.config. 在Web.config中。
My binding is: 我的绑定是:
<behaviors>
<serviceBehaviors>
<behavior name="CustomeBehavior">
<serviceAuthorization principalPermissionMode="Custom">
<authorizationPolicies>
<add policyType="Security.BusinessAuthorizationPolicy, Security" />
</authorizationPolicies>
</serviceAuthorization>
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="SecurityOff">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" minFreeMemoryPercentageToActivateService="0" />
<bindings>
<basicHttpsBinding>
<binding name="BasicHttpsBinding" sendTimeout="00:05:00" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text">
<readerQuotas maxDepth="2000000" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
</binding>
</basicHttpsBinding>
</bindings>
I can't see where there can be an issue. 我看不到哪里有问题。 Also I'm STILL able to call .svc methods without any problems from HomeController.
另外,我仍然能够调用.svc方法,而HomeController没有任何问题。
So, there is my question - What can it be and why this is happening after changes from http to https (or there are another reason)? 所以,我有一个问题-从http更改为https后,为什么会发生这种情况?为什么会发生这种情况(或者还有其他原因)?
Edit: Client set up: 编辑:客户端设置:
public static ChannelFactory<IBusiness> CreateFactory()
{
var authorization = new Authorization()
{
Key = GlobalConfig.BusinessAuthorizationKey
};
AddressHeader header = AddressHeader.CreateAddressHeader(authorization);
var address = new EndpointAddress(new Uri(ClientConfig.BusinessServiceEndpoint), header);
var channel = new ChannelFactory<IBusiness>(address.ResolveBinding(), address);
var bind = Helper.ResolveBinding(address);
if (bind is BasicHttpBinding)
{
var bindings = bind as BasicHttpBinding;
bindings.MaxBufferPoolSize = 2147483647;
bindings.MaxBufferSize = 2147483647;
bindings.MaxReceivedMessageSize = 2147483647;
bindings.MessageEncoding = WSMessageEncoding.Text;
bindings.ReaderQuotas.MaxArrayLength = 2147483647;
bindings.ReaderQuotas.MaxBytesPerRead = 2147483647;
bindings.ReaderQuotas.MaxDepth = 2147483647;
bindings.ReaderQuotas.MaxNameTableCharCount = 2147483647;
bindings.ReaderQuotas.MaxStringContentLength = 2147483647;
bindings.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
channel.Endpoint.Binding = bindings;
}
else
{
var bindings = bind as BasicHttpsBinding;
bindings.MaxBufferPoolSize = 2147483647;
bindings.MaxBufferSize = 2147483647;
bindings.MaxReceivedMessageSize = 2147483647;
bindings.MessageEncoding = WSMessageEncoding.Text;
bindings.ReaderQuotas.MaxArrayLength = 2147483647;
bindings.ReaderQuotas.MaxBytesPerRead = 2147483647;
bindings.ReaderQuotas.MaxDepth = 2147483647;
bindings.ReaderQuotas.MaxNameTableCharCount = 2147483647;
bindings.ReaderQuotas.MaxStringContentLength = 2147483647;
bindings.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
channel.Endpoint.Binding = bindings;
}
return channel;
}
I suppose You'll need to get valid certificate anyway. 我想您还是需要获得有效的证书。 In meantime you may try to create self-signed certificate using info from powershell
同时,您可以尝试使用Powershell中的信息创建自签名证书
get-help about_signing
Also you'll need to add certificate to IIS 另外,您还需要向IIS添加证书
Managed to deal with it. 设法处理它。
I simply added 我只是添加了
ServicePointManager.ServerCertificateValidationCallback = (snder, cert, chain, error) => true;
in factory creation. 在工厂创建中。 This thing has never refreshed after one call before, that's the reason I was getting this error, when everything seemed fine.
之前一个电话,这个东西从未刷新过,这就是当一切似乎都很好时我收到此错误的原因。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.