[英]could not establish secure channel for ssl/tls with authority wcf C# wcf rest service
I create a client application that get data from my rest wcf service as you can see : 如您所见,我创建了一个客户端应用程序,该程序从我的其余wcf服务获取数据:
Uri reqUri = new Uri("https://localhost/paymentservice.svc/listpayment");
WebRequest req = WebRequest.Create(reqUri);
req.PreAuthenticate = true;
NetworkCredential credential = new NetworkCredential("test", "test123");
req.Credentials = credential;
WebResponse resp = req.GetResponse();
DataContractSerializer data = new DataContractSerializer(typeof(string));
var res = data.ReadObject(resp.GetResponseStream());
Console.WriteLine(res);
Console.ReadLine();
I create a certificate in iis as you can se : 我可以在iis中创建一个证书:
And upload my published file on it . 并在上面上传我发布的文件。 But when i call my client i get this error :
但是当我打电话给客户时,我得到了这个错误:
An unhandled exception of type 'System.Net.WebException' occurred in System.dll
Additional information: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel
Here is my service webconfig 这是我的服务webconfig
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
<section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
</configSections>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.5.2" />
<httpRuntime targetFramework="4.5.2" />
<httpModules>
<add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web" />
</httpModules>
<authentication mode="None" />
</system.web>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="secureHttpBinding">
<security mode="Message">
<message clientCredentialType="UserName" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="Payment.Application.ServiceImplement.PaymentService" behaviorConfiguration="customBehaviour">
<endpoint address=""
binding="webHttpBinding"
contract="Payment.Domain.Service.IPaymentService"
behaviorConfiguration="web"/>
</service>
<service name="Payment.Infrustructure.RepositoryImplement.PaymentRepository" behaviorConfiguration="customBehaviour" >
<endpoint address=""
binding="webHttpBinding"
contract="Payment.Domain.Repository.IPaymentRepository"
behaviorConfiguration="web"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="customBehaviour">
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="Payment.Service.UserAuthentication,Payment.Service"/>
</serviceCredentials>
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="web">
<webHttp/>
</behavior>
</endpointBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Methods" value="GET, POST,PUT,DELETE" />
</customHeaders>
</httpProtocol>
<modules runAllManagedModulesForAllRequests="true">
<remove name="ApplicationInsightsWebTracking" />
<add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web" preCondition="managedHandler" />
</modules>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true" />
<validation validateIntegratedModeConfiguration="false" />
</system.webServer>
<entityFramework>
<defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" />
<providers>
<provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" />
</providers>
</entityFramework>
<connectionStrings>
<add name="DefaultConnection" connectionString="Data Source=.;initial catalog=SymfaDB;user id= sa ;password=12345;" providerName="System.Data.SqlClient" />
<!--<add name="DefaultConnection" connectionString="Data Source=92.50.12.222,1433;initial catalog=ParkingDB;user id= sa ;password=123qweQWE@;" providerName="System.Data.SqlClient" />-->
</connectionStrings>
</configuration>
When irun the project in visual studio and call this url http://localhost:4428/PaymentService.svc/listpayment
I get the data as you can see : 当我在Visual Studio中运行该项目并调用此URL
http://localhost:4428/PaymentService.svc/listpayment
我得到的数据如下所示:
But when i upload the publish file into iis and call this url https://localhost/PaymentService.svc/listpayment
as you can see i get this error : 但是当我将发布文件上传到iis并调用此URL
https://localhost/PaymentService.svc/listpayment
,您可以看到我收到此错误:
As you can see when i call this https://localhost/PaymentService.svc
my service is available . 如您所见,当我调用此
https://localhost/PaymentService.svc
我的服务可用。
You need to install the certificate as trusted source. 您需要将证书安装为可信源。
Also the hostname used in the URL should match the name that's on certificate. URL中使用的主机名也应与证书上的名称匹配。 Make sure the URL you're using and the URL on the 'Issued to' field of the certificate are the same.
确保您使用的URL与证书的“颁发给”字段中的URL相同。
To get rid of this error use the machine name exactly same as your certificate section “Issued to” says. 要消除此错误,请使用与证书部分“颁发给”完全相同的计算机名称。 For example, if you open your certificate then you'll see issued to property and which should be your Machine name.
例如,如果您打开证书,则将看到“颁发给”属性,该属性应该是您的计算机名称。 If your machine is part of a domain then machine name would be like .. etc, so if you open it in your browser will fully qualified name of your machine then you won't be getting that error.
如果您的计算机是域的一部分,则计算机名称将类似于..等,因此,如果在浏览器中打开它,将获得完全限定的计算机名称,则不会出现该错误。 So i just call my service by domain like
https://union-pc58.union.com/Service1.svc
所以我只是按
https://union-pc58.union.com/Service1.svc
类的域来调用我的服务
Just follow this link 只需点击此链接
http://www.c-sharpcorner.com/UploadFile/vendettamit/create-secure-wcf-rest-api-with-custom-basic-authentication/ http://www.c-sharpcorner.com/UploadFile/vendettamit/create-secure-wcf-rest-api-with-custom-basic-authentication/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.