[英]WCF Client with both Basic and Client Certificate Authentication
I am trying to integrate with a Web Service end point which require Basic and Client Certificate for authentication using WCF. 我正在尝试与Web服务端点集成,该端点要求使用WCF进行身份验证需要基本证书和客户端证书。 I tried below different setting based on suggestions online but still I am receiving "Could not establish secure channel for SSL/TLS with authority XXXXX". 我根据在线建议在下面的不同设置下进行了尝试,但仍然收到“无法使用权限XXXXX为SSL / TLS建立安全通道”。 Server uses well known CA which is already available in Windows Certificate Store. 服务器使用众所周知的CA,该证书已在Windows证书存储中提供。 In code I am adding ClientCredentials.UserName.UserName , ClientCredentials.UserName.Password & ClientCredentials.ClientCertificate.Certificate successfully. 在代码中,我正在成功添加ClientCredentials.UserName.UserName,ClientCredentials.UserName.Password和ClientCredentials.ClientCertificate.Certificate。
1) 1)
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Basic"/>
</security>
Result : "Could not establish secure channel for SSL/TLS with authority XXXXX" 结果:“无法为具有权限XXXXX的SSL / TLS建立安全通道”
2) 2)
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Basic" />
<message clientCredentialType="Certificate" />
</security>
Result : Result : "Could not establish secure channel for SSL/TLS with authority XXXXX" 结果:结果:“无法为具有权限XXXXX的SSL / TLS建立安全通道”
3) 3)
<security mode="Transport">
<transport clientCredentialType="Certificate"/>
<message clientCredentialType="UserName" />
</security>
Result : The HTTP request is unauthorized with client authentication scheme 'Anonymous'. 结果:HTTP请求未经客户端身份验证方案“匿名”授权。 The authentication header received from the server was 'Basic realm="Realm"'. 从服务器收到的身份验证标头是“ Basic realm =“ Realm””。 ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized. ---> System.Net.WebException:远程服务器返回错误:(401)未经授权。
How to attach the Client Certificate using Basic Authentication since the server is expecting Basic authentication based on error returned when setting clientCredentialType as "Certificate". 由于服务器希望将clientCredentialType设置为“ Certificate”时返回的错误,因此需要使用基本身份验证,因此如何使用基本身份验证附加客户端证书。
Note: Using SOAPUI I can successfully connect with server 注意:使用SOAPUI,我可以成功连接服务器
I replaced 2.0 Web Service Reference instead of a WCF Service Reference to send request with both Basic &Client Authentication and it worked as expected. 我将2.0 Web Service Reference而不是WCF Service Reference替换为使用Basic&Client Authentication发送请求,并且按预期工作。
Note : Web Reference is old style deprecated model. 注意:Web参考是旧样式已弃用的模型。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.