
WCF 2-way ssl not working

I am a newbie to WCF. I have created a self-hosted WCF server; the client is a Java REST client. The communication between the client and the server should be mutually authenticated via SSL certificates at both ends. Therefore, during communication, the client needs to send its certificate. The client certificate needs to be custom validated on the server. I think the 1-way communication is happening fine, but the server is not able to validate the client certificate. Actually, the custom validator code is not executing at all.

In the server traces, I see "configuration evaluation context not found" twice; I guess there is some issue with the config file.

My config file is as follows:

<configuration>
  <system.diagnostics>
    <sources>
      <source name="System.ServiceModel"
              switchValue="All, ActivityTracing"
              propagateActivity="true">
        <listeners>
          <add name="xml" />
        </listeners>
      </source>
    </sources>
    <sharedListeners>
      <add name="xml" type="System.Diagnostics.XmlWriterTraceListener" initializeData="C:\log\Traces.svclog" />
    </sharedListeners>
    <trace autoflush="true"/>
  </system.diagnostics>
  <system.serviceModel>
    <bindings>
      <customBinding>
        <binding name="mybinding">
          <transactionFlow />
          <textMessageEncoding />
          <httpsTransport requireClientCertificate="true" />
          <security authenticationMode="MutualSslNegotiated"/>
        </binding>
      </customBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior name="behaviour">
          <serviceMetadata httpsGetEnabled="True"/>
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceCredentials>
            <clientCertificate>
              <authentication certificateValidationMode="Custom" customCertificateValidatorType="myproject.MyX509CertificateValidator,myproject"/>
            </clientCertificate>
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <services>
      <service name="myHost" behaviorConfiguration="behaviour">
        <endpoint address="" contract="IIWCFServer" binding="customBinding" bindingConfiguration="mybinding" />
        <endpoint address="mex" contract="IMetadataExchange" binding="mexHttpsBinding"/>
      </service>
    </services>
    <diagnostics>
      <messageLogging logEntireMessage="true"
                      logMessagesAtServiceLevel="true"
                      logMessagesAtTransportLevel="true"
                      logMalformedMessages="true"
                      maxMessagesToLog="5000"
                      maxSizeOfMessageToLog="2000">
      </messageLogging>
    </diagnostics>
  </system.serviceModel>
</configuration>

I have already gone through hundreds of articles but am not able to find the solution. Any suggestion would be helpful.

The details of the exception from the XML trace are as follows. Please let me know in case I can get the error details from any other place.

<E2ETraceEvent xmlns="http://schemas.microsoft.com/2004/06/E2ETraceEvent">
<System xmlns="http://schemas.microsoft.com/2004/06/windows/eventlog/system">
<EventID>524312</EventID>
<Type>3</Type>
<SubType Name="Warning">0</SubType>
<Level>4</Level>
<TimeCreated SystemTime="2014-04-21T09:09:53.2168282Z" />
<Source Name="System.ServiceModel" />
<Correlation ActivityID="{28fb55cc-1d5f-4a5a-a76e-5939a733b8f1}" />
<Execution ProcessName="testServer.vshost" ProcessID="2368" ThreadID="9" />
<Channel />
<Computer>WGP-PRINT-145</Computer>
</System>
<ApplicationData>
<TraceData>
<DataItem>
<TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Warning">
<TraceIdentifier>http://msdn.microsoft.com/en-IN/library/System.ServiceModel.EvaluationContextNotFound.aspx</TraceIdentifier>
<Description>Configuration evaluation context not found.</Description>
<AppDomain>testServer.vshost.exe</AppDomain>
</TraceRecord>
</DataItem>
</TraceData>
</ApplicationData>
</E2ETraceEvent>

The code that worked for me is as follows:

using System;
using System.Net;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;
using System.ServiceModel.Web;

int port = 443;
string certificateSubject = "Mymachine";
// Bind to the machine's own host name so the URL matches the server certificate subject.
string urlString = String.Format("https://{0}:{1}/", Dns.GetHostEntry("").HostName, port);
Uri httpUrl = new Uri(urlString);
ServiceHost host = new WebServiceHost(typeof(mynamespace.myclass), httpUrl);

// Transport (HTTPS) security with a mandatory client certificate.
WebHttpBinding wsBinding = new WebHttpBinding();
wsBinding.Security.Mode = WebHttpSecurityMode.Transport;
wsBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;

// Server certificate, looked up by subject name in the LocalMachine\My store.
host.Credentials.ServiceCertificate.SetCertificate(
    StoreLocation.LocalMachine,
    StoreName.My,
    X509FindType.FindBySubjectName,
    certificateSubject);

// Hand client certificate validation to the custom validator instead of default chain trust.
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.Custom;
host.Credentials.ClientCertificate.Authentication.CustomCertificateValidator = new MyX509CertificateValidator();

host.AddServiceEndpoint(typeof(myinterface), wsBinding, httpUrl);
host.Open();
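Both the config (customCertificateValidatorType="myproject.MyX509CertificateValidator,myproject") and the code above refer to a custom validator that the post never shows. The following is an added example of what such a class can look like, not code from the original post: it subclasses X509CertificateValidator, rejects any client certificate that does not build a valid, unrevoked chain, and then pins the result to an allow-list of enrolled thumbprints. The namespace, class name and the thumbprint values are assumptions; the thumbprint is a placeholder.

```csharp
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;

namespace myproject
{
    // Hypothetical implementation of the validator referenced from the WCF config above.
    public class MyX509CertificateValidator : X509CertificateValidator
    {
        // Constructed allow-list of enrolled client certificate thumbprints (placeholder value).
        private static readonly string[] AllowedThumbprints =
        {
            "0000000000000000000000000000000000000000"
        };

        // WCF calls this for every client certificate presented on the TLS connection.
        // Throwing SecurityTokenValidationException rejects the client.
        public override void Validate(X509Certificate2 certificate)
        {
            if (certificate == null)
                throw new ArgumentNullException("certificate");

            // Step 1: the certificate must chain to a trusted root and must not be revoked.
            X509Chain chain = new X509Chain();
            chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
            chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
            chain.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag;

            if (!chain.Build(certificate))
            {
                string reasons = string.Join("; ",
                    Array.ConvertAll(chain.ChainStatus, s => s.StatusInformation.Trim()));
                throw new SecurityTokenValidationException(
                    "Client certificate failed chain validation: " + reasons);
            }

            // Step 2: chain trust alone is not enough; only explicitly enrolled certificates pass.
            string thumbprint = certificate.Thumbprint ?? string.Empty;
            bool enrolled = Array.Exists(AllowedThumbprints,
                t => string.Equals(t, thumbprint, StringComparison.OrdinalIgnoreCase));
            if (!enrolled)
                throw new SecurityTokenValidationException(
                    "Client certificate is not enrolled: " + certificate.Subject);
        }
    }
}
```

The validator only runs once the transport actually obtains a client certificate, which is what ClientCredentialType = HttpClientCredentialType.Certificate on the binding enforces; if Validate is never entered, the TLS handshake itself did not request or receive a certificate.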
