在 VS19 中添加需要使用客户端证书进行身份验证的服务引用
[英]Add Service Refrence in VS19 that requires authentication with client certificate
问题描述
How do I add a Connected Service that requires a Certificate?
如何添加需要证书的连接服务?
I need to call a SOAP API developed by another company.我需要打一个别的公司开发的SOAP API。 The company has supplied me with a pfx-file based on a cer-file I've created.公司根据我创建的 cer 文件向我提供了一个 pfx 文件。 I've installed the certificate in "Trusted Root Certification Authorities" (in local computer and current user) using the supplied password.我已经使用提供的密码在“受信任的根证书颁发机构”(本地计算机和当前用户)中安装了证书。 But when i try to add a WCF Web Service Provider either through the URL or the wsdl-file I get the error: "Could not create SSL/TLS secure channel" , and the addition of the service is abandoned.但是,当我尝试通过 URL 或 wsdl 文件添加 WCF Web 服务提供商时,我收到错误消息: “无法创建 SSL/TLS 安全通道” ,并且放弃了该服务的添加。
When I contacted the company they asked me to check if the certificate was installed correctly by calling the API from SOAP UI (adding a jks-file they gave me) - this works fine.当我联系公司时,他们要求我通过从 SOAP UI 调用 API(添加他们给我的 jks 文件)来检查证书是否正确安装 - 这工作正常。 They could not be of further assistance.他们无法提供进一步的帮助。
I'm writing a aps.net core web application and using .net core 3.0 in VS19我正在编写一个 aps.net 核心 web 应用程序并在 VS19 中使用 .net 核心 3.0
I'll have to mention that this is my first practical encounter with certificates and the question might be somewhat in concise.我不得不提一下,这是我第一次实际接触证书,这个问题可能有点简明扼要。
1 个解决方案
解决方案1
0 2020-04-14 12:55:45
The PFX might contain more than one certificate. PFX 可能包含多个证书。
Are you shure you created a .cer (Certificate) and not a .csr (Certificate signing request)?您是否确定创建了.cer (证书)而不是.csr (证书签名请求)?
N.netheless, the certificate must be in the personal store and the the certificate that issued it must be place into the Trusted Root Certification Authorities (if it is the last one in the chain). N. 尽管如此,证书必须在个人存储中,并且颁发它的证书必须放入受信任的根证书颁发机构(如果它是链中的最后一个)。
Here is an example ( i ran certlm.msc and clicked the end entity certificate :这是一个示例(我运行了certlm.msc并单击了最终实体证书:
- Sectico is the root certificate and goes to Trusted Root Certification Authorities Sectico 是根证书,去受信任的根证书颁发机构
- COMODO RSA... is the intermediate certificate and goes to Intermediate Certification Authorities COMODO RSA...是中级证书,去中级证书颁发机构
- Daniel... is the end entity certificate and goes to Personal丹尼尔...是最终实体证书并转到个人
I recommend to import into Personal and then move (drag-drop) the certificates.我建议导入到个人,然后移动(拖放)证书。
For the end entity there must be a private key associated - which can be identified by the key icon:对于最终实体,必须有一个关联的私钥 - 可以通过钥匙图标识别:
Microsoft also provides some documentation on the topic: https://learn.microsoft.com/en-us/previous-versions/msp-np/ff648360(v=pandp.10)?redirectedfrom=MSDN Microsoft 还提供了一些关于该主题的文档: https://learn.microsoft.com/en-us/previous-versions/msp-np/ff648360(v=pandp.10)?redirectedfrom=MSDN
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.