堆栈内存溢出
  简体   繁体   English

在WCF中使用NetTcpBinding在自托管服务中配置传输安全性的异常

[英]Exception in configuring Transport Security in Self Hosted Service using NetTcpBinding in WCF

 原文  2015-05-04 11:28:11       c#/ wcf/ security/ ssl

问题描述

This is the configuration on the service side: 这是服务端的配置: 

<endpoint binding="netTcpBinding" bindingConfiguration="TcpBinding" contract="a"></endpoint>
<binding name="TcpBinding">
  <security mode="Transport">
    <transport protectionLevel="EncryptAndSign" clientCredentialType="None">
    </transport>
  </security>
  <reliableSession enabled="false"/>
</binding>

<serviceBehaviors>
<behavior>
  <serviceCredentials>
    <serviceCertificate  storeName="My" storeLocation="LocalMachine" findValue="73 b9 d8 98 8d b6 54 bf fb ff 21 0b ac fc 04 19 37 16 71 5f" x509FindType="FindByThumbprint" />
  </serviceCredentials>
  <serviceMetadata httpGetEnabled="false"/>
  <serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>

I have created a self signed certificate following this link: https://msdn.microsoft.com/en-us/library/ff648498.aspx 我已经通过以下链接创建了自签名证书: https : //msdn.microsoft.com/zh-cn/library/ff648498.aspx

First I created a Certificate that I installed as Root Certificate Authority in Trusted Root Certification Authorities - named 'RootCA'. 首先,我创建了一个证书,该证书作为受信任的根证书颁发机构中的根证书颁发机构安装-名为“ RootCA”。 Then, I created another self signed certificate signed with this 'RootCA' which is issued to 'localhost'. 然后,我创建了另一个与此“ RootCA”签名的自签名证书,该证书已颁发给“ localhost”。

On the client side, I am using the same configuration elements as on service side. 在客户端,我使用的是与服务端相同的配置元素。 While opening the proxy, I am receiving the following exception: 打开代理时,我收到以下异常:

System.ServiceModel.Security.SecurityNegotiationException The X.509 certificate CN=localhost chain building failed. System.ServiceModel.Security.SecurityNegotiationException X.509证书CN = localhost链构建失败。 The certificate that was used has a trust chain that cannot be verified. 使用的证书具有无法验证的信任链。 Replace the certificate or change the certificateValidationMode. 替换证书或更改certificateValidationMode。 The revocation function was unable to check revocation for the certificate. 吊销功能无法检查证书的吊销。

What else is needed to make this running? 要运行此功能还需要什么?

1 个解决方案

解决方案1
 1 已采纳  2015-05-04 12:34:30

include this in your client side in endpoint behaviours

    <endpointBehaviors>
          <behavior name="clientBehave">
            <clientCredentials>
               <serviceCertificate>              
<authentication certificateValidationMode="PeerOrChainTrust" revocationMode="NoCheck"/>
              </serviceCertificate>
            </clientCredentials>
          </behavior>
        </endpointBehaviors>

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 自托管WCF服务,带有MEF和NetTcpBinding,用于推拉机制 - Self-hosted WCF Service with MEF and NetTcpBinding for push and pull mechanism 配置自托管的wcf服务端点 - Configuring self hosted wcf service endpoints 控制台托管的WCF数据服务正在运行,但传输安全性正在运行,但客户端未找到 - Console hosted WCF data service with transport security running but not found by clients 自托管WCF服务 - Self Hosted WCF Service NetTcpBinding - 自托管WCF - 无法连接客户端 - NetTcpBinding - Self-Hosted WCF - Can't get client connected 使用传输安全性时为多个邮件ProtectionLevel配置服务 - Configuring a service for multiple message ProtectionLevels while using transport security 使用NetTCPBinding和TcpClientCredentialType.Windows的WCF安全性 - WCF Security using NetTCPBinding with TcpClientCredentialType.Windows 连接到自托管的WCF服务 - Connect to a self hosted WCF service Mono中的自托管WCF服务 - Self hosted WCF service in Mono 自托管WCF服务的InstanceContextMode - InstanceContextMode of self hosted WCF service
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM