如何使用WCF wsHttpBinding和SSL?
[英]How to work with WCF wsHttpBinding and SSL?
问题描述
I need to develop a WCF Hosted in a console app WebService . 
我需要开发WCF Hosted in a console app WebService的WCF Hosted in a console app WebService 。 I made it work using the Mutual Certificate (service and client) method using SecurityMode.Message . 我通过使用SecurityMode.Message使用Mutual Certificate (service and client)方法来使其工作。 But now i need to change the Security Mode to SecurityMode.Transport and use the wsHttpBinding with SSL. 但是现在我需要将安全模式更改为SecurityMode.Transport并使用带SSL的wsHttpBinding 。 I made this code to host the service but i cannot get the wsdl with the browser, or execute some webmethod in the console app client. 我编写了此代码来托管服务,但无法通过浏览器获取wsdl,也无法在the console app客户端中执行某些webmethod。
static void Main()
{
var httpsUri = new Uri("https://localhost:8089/HelloServer");
var binding = new WSHttpBinding();
binding.Security.Mode = SecurityMode.Transport;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
var host = new ServiceHost(typeof(WcfFederationServer.HelloWorld), httpsUri);
host.AddServiceEndpoint(typeof(WcfFederationServer.IHelloWorld), binding, "", httpsUri);
var mex = new ServiceMetadataBehavior();
mex.HttpsGetEnabled = true;
host.Description.Behaviors.Add(mex);
// Open the service.
host.Open();
Console.WriteLine("Listening on {0}...", httpsUri);
Console.ReadLine();
// Close the service.
host.Close();
}
The service is up, but i cannot get nothing on the https://localhost:8089/HelloServer . 服务已启动,但是我在https://localhost:8089/HelloServer上什么也收不到。 On fiddler the get request via browser shows me this message: 在提琴手上,通过浏览器的get请求向我显示此消息:
fiddler.network.https> HTTPS handshake to localhost failed. System.IO.IOException
What im missing here? 我在这里想念什么? Thanks 谢谢
EDIT: 编辑:
The Console Application Client Code Console Application Client Code
static void Main()
{
try
{
var client = new HelloWorldHttps.HelloWorldClient();
client.ClientCredentials.ClientCertificate.SetCertificate(
StoreLocation.LocalMachine,
StoreName.TrustedPeople,
X509FindType.FindBySubjectName,
"www.client.com");
Console.WriteLine(client.GetData());
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
Console.ReadKey();
}
Getting this error: 收到此错误:
Could not establish trust relationship for the SSL/TLS secure channel
1 个解决方案
解决方案1
1 已采纳 2014-08-26 21:37:48
When it comes to the service, you need to map the certificate to the specific port as described here 关于服务,您需要按照以下说明将证书映射到特定端口
http://msdn.microsoft.com/en-us/library/ms733791(v=vs.110).aspx http://msdn.microsoft.com/en-us/library/ms733791(v=vs.110).aspx
As for the client, you need to skip the verification of certificate properties like valid date, the domain by relaxing the certificate acceptance policy. 对于客户端,您需要通过放宽证书接受策略来跳过对证书属性(如有效日期,域)的验证。 An easiest way would be to accept any certiticate 最简单的方法是接受任何证书
ServicePointManager.ServerCertificateValidationCallback = (a,b,c,d) => true
You can finetune the acceptance callback according to the docs to best fit your needs. 您可以根据文档微调接受回调,以最适合您的需求。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.