
Use client certificate in WCF service net tcp

I have a WCF application running as net tcp and installed a server certificate (xxx.domain.com) on the server.

Enabled Transport with certificate security. IIS web site is configured and it's working fine with the above certificate; also it's not installed on the local machine, as it found the correct root CA and intermediate certificate.

Can I call the WCF service without installing the certificate? If yes, which one should I use, Root CA or intermediate? Please see the certificate chain below.

Root CA
Intermediate
xxx.domain.com

Here is the code used in the client:

channel.Credentials.ClientCertificate.SetCertificate(
StoreLocation.LocalMachine,
StoreName.CertificateAuthority,
X509FindType.FindByThumbprint,
"tried intermediate and root CA its not working ");

When a WCF service created by NetTcpBinding authenticates the client with a certificate, we need to specify a service certificate in the service credentials.

sh.Credentials.ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByThumbprint, "5ba5022f527e32ac02548fc5afc558de1d314cb6");

Then the service will work properly. Subsequently, the client should provide a client certificate when calling the service, since the ClientCredentialType property is Certificate on the server-side.

binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Certificate;

Client-side.

ServiceReference1.ServiceClient client = new ServiceClient();
client.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByThumbprint, "f0969c5725b2f142b7f150515ec2bd12bc45250b");
var result = client.Test();
Console.WriteLine(result);

During this process, please note that we should install each other's certificates in the Root CA so that the certificate trust relationship between the client-side and the server-side can be established.
Looking back at your question, the cause might be that the certificate trust relationship cannot be established between the client-side and the server-side. We have to ensure that the client-side has installed the service certificate in the Root CA and the server has installed the client certificate in the Root CA.
Feel free to let me know if there is anything I can help with.
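Added example, not part of the original question or answer: a diagnostic that compares the two store choices shown above (CertificateAuthority in the question, My in the answer) by checking that the certificate exists, has a private key, and builds a chain to a trusted root on the local machine. A TLS client credential must have a private key, which a CA certificate copied into the CertificateAuthority store does not. The class name, method name and thumbprint placeholder are assumptions.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper (not from the original post). Requires .NET Framework 4.6+ or .NET Core.
static class ClientCertCheck
{
    // Returns null when the certificate looks usable as a client credential,
    // otherwise a short reason why it is not.
    static string Diagnose(StoreLocation location, StoreName name, string thumbprint)
    {
        using (var store = new X509Store(name, location))
        {
            store.Open(OpenFlags.ReadOnly);
            // validOnly: false, so expired or untrusted certificates are still found and reported.
            X509Certificate2Collection found =
                store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            if (found.Count == 0)
                return "not found in " + location + "\\" + name;

            X509Certificate2 cert = found[0];
            if (!cert.HasPrivateKey)
                return "no private key, so it cannot be presented as a client credential";

            using (var chain = new X509Chain())
            {
                // Offline check: skip CRL/OCSP lookups (assumption for this example).
                chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
                if (!chain.Build(cert))
                {
                    foreach (X509ChainStatus s in chain.ChainStatus)
                        Console.WriteLine("  chain: " + s.Status + " " + s.StatusInformation.Trim());
                    return "chain does not build to a trusted root on this machine";
                }
            }
            return null;
        }
    }

    static void Main(string[] args)
    {
        // Placeholder; pass the real thumbprint as the first argument.
        string thumbprint = args.Length > 0 ? args[0] : "<CLIENT-CERT-THUMBPRINT>";
        foreach (StoreName name in new[] { StoreName.CertificateAuthority, StoreName.My })
        {
            string problem = Diagnose(StoreLocation.LocalMachine, name, thumbprint);
            Console.WriteLine(name + ": " + (problem ?? "usable as client credential"));
        }
    }
}
```

The chain result reflects only the trust stores of the machine the check runs on; the server evaluates the client certificate against its own stores.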

Notice: Technical posts on this site follow the CC BY-SA 4.0 license. If you need to repost, please credit this site's URL or the original address. For any questions, contact: yoyou2525@163.com.