
Exception in configuring Transport Security in Self Hosted Service using NetTcpBinding in WCF

This is the configuration on the service side:

<endpoint binding="netTcpBinding" bindingConfiguration="TcpBinding" contract="a"></endpoint>
<binding name="TcpBinding">
  <security mode="Transport">
    <transport protectionLevel="EncryptAndSign" clientCredentialType="None">
    </transport>
  </security>
  <reliableSession enabled="false"/>
</binding>

<serviceBehaviors>
  <behavior>
    <serviceCredentials>
      <serviceCertificate storeName="My" storeLocation="LocalMachine" findValue="73 b9 d8 98 8d b6 54 bf fb ff 21 0b ac fc 04 19 37 16 71 5f" x509FindType="FindByThumbprint" />
    </serviceCredentials>
    <serviceMetadata httpGetEnabled="false"/>
    <serviceDebug includeExceptionDetailInFaults="true"/>
  </behavior>
</serviceBehaviors>

I have created a self signed certificate following this link: https://msdn.microsoft.com/en-us/library/ff648498.aspx

First I created a Certificate that I installed as Root Certificate Authority in Trusted Root Certification Authorities - named 'RootCA'. Then, I created another self signed certificate signed with this 'RootCA' which is issued to 'localhost'.

On the client side, I am using the same configuration elements as on service side. While opening the proxy, I am receiving the following exception:

System.ServiceModel.Security.SecurityNegotiationException The X.509 certificate CN=localhost chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. The revocation function was unable to check revocation for the certificate.

What else is needed to get this running?

Include this on your client side, in the endpoint behaviours:

    <endpointBehaviors>
      <behavior name="clientBehave">
        <clientCredentials>
          <serviceCertificate>
            <authentication certificateValidationMode="PeerOrChainTrust" revocationMode="NoCheck"/>
          </serviceCertificate>
        </clientCredentials>
      </behavior>
    </endpointBehaviors>
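A diagnostic for the chain-building failure above, as an added example that is not part of the original question or answer: it builds the certificate's chain once with online revocation checking and once with `NoCheck`, and prints the status flags, so you can tell whether only the revocation lookup fails or the root is not trusted at all. It assumes the certificate is in `LocalMachine\My` on the machine where it runs and takes the thumbprint as its single argument; the class name `ChainDiagnostic` is made up for this example.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography.X509Certificates;

static class ChainDiagnostic
{
    // Build the chain for cert under one revocation mode and report every status flag.
    static bool Check(X509Certificate2 cert, X509RevocationMode mode)
    {
        var chain = new X509Chain();
        chain.ChainPolicy.RevocationMode = mode;
        chain.ChainPolicy.RevocationFlag = X509RevocationFlag.EntireChain;
        bool ok = chain.Build(cert);
        Console.WriteLine("{0}: Build() returned {1}", mode, ok);
        foreach (X509ChainStatus s in chain.ChainStatus)
            Console.WriteLine("  {0}: {1}", s.Status, s.StatusInformation.Trim());
        return ok;
    }

    static int Main(string[] args)
    {
        if (args.Length != 1)
        {
            Console.Error.WriteLine("usage: ChainDiagnostic <thumbprint>");
            return 2;
        }
        // Keep hex digits only: thumbprints pasted from the certificate dialog
        // carry spaces and sometimes an invisible leading character.
        string thumb = new string(args[0].Where(c => Uri.IsHexDigit(c)).ToArray());

        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // validOnly: false, so a certificate that fails validation is still returned.
            var found = store.Certificates.Find(X509FindType.FindByThumbprint, thumb, false);
            if (found.Count == 0)
            {
                Console.Error.WriteLine("No certificate with that thumbprint in LocalMachine\\My");
                return 2;
            }
            bool online = Check(found[0], X509RevocationMode.Online);
            bool noCheck = Check(found[0], X509RevocationMode.NoCheck);
            // online fails, noCheck passes: only revocation data is missing.
            // noCheck fails too: the chain itself is not trusted on this machine.
            return noCheck ? (online ? 0 : 1) : 3;
        }
        finally { store.Close(); }
    }
}
```

Exit code 1 means the chain is trusted and only the revocation lookup failed, which is the case `revocationMode="NoCheck"` addresses; exit code 3 means the chain fails even without revocation checking, so the root certificate is not trusted on that machine.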
