WCF in asp.net core 2.0 - Could not establish trust relationship for the SSL/TLS secure channel with authority

Previously I had an application targeting framework 4.5.1 and used Web Reference to add a WCF service. This works perfectly and was able to authenticate successfully with the server.

old code:

ServicePointManager.Expect100Continue = false;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

// Web Reference proxy; the same variable is used for all settings below
Service orderService = new Service();

// private method to load certificate
var cert = LoadCertificate(@"....\00050._.1.p12", "pwd");

orderService.ClientCertificates.Add(cert);

orderService.Url = @"service_url";

NetworkCredential nc = new NetworkCredential("username", "pwd");
orderService.Credentials = nc;

Now I'm upgrading to .NET Core 2.0 and am targeting .NET Standard 2.0. I've added the service using a service reference (connected service). The generated code has changed and now uses a channel factory, etc.

New code:

ServicePointManager.Expect100Continue = false;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

System.ServiceModel.BasicHttpBinding result = new System.ServiceModel.BasicHttpBinding();
result.MaxBufferSize = int.MaxValue;
result.ReaderQuotas = System.Xml.XmlDictionaryReaderQuotas.Max;
result.MaxReceivedMessageSize = int.MaxValue;
result.AllowCookies = true;
result.Security.Mode = System.ServiceModel.BasicHttpSecurityMode.Transport;

// typed as the generated client class so that ClientCredentials is accessible
var client = new Service(result, new EndpointAddress("service_url"));

client.ClientCredentials.ClientCertificate.Certificate = new X509Certificate2(@"....\00050._.1.p12", "pwd");

client.ClientCredentials.UserName.UserName = "username";
client.ClientCredentials.UserName.Password = "pwd";

But new code is not working although certificates loaded successfully. I'm getting an exception:

{System.ServiceModel.Security.SecurityNegotiationException: Could not establish trust relationship for the SSL/TLS secure channel with authority 'xxxxxxx-online.com'. ---> System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.Http.WinHttpException: A security error occurred

Any help from you guys will be really appreciated. Am I missing something?

If you use an untrusted server certificate (self-signed, for instance), you should use this:

client.ClientCredentials.ServiceCertificate.SslCertificateAuthentication =
        new X509ServiceCertificateAuthentication()
        {
            CertificateValidationMode = X509CertificateValidationMode.None,
            RevocationMode = System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck
        };
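
Added example, not part of the original answer: CertificateValidationMode.None makes the client accept whatever certificate the endpoint presents, whereas the same SslCertificateAuthentication property can take a custom validator that accepts only the one self-signed certificate the service is known to use. PinnedCertificateValidator, PinnedServiceCertificate and the fingerprint parameter are hypothetical names, and the fingerprint is assumed to have been obtained from the service owner out of band.

```csharp
using System;
using System.IdentityModel.Selectors;
using System.Security.Authentication;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel.Description;
using System.ServiceModel.Security;

// Hypothetical helper (not from the post): accepts exactly one server certificate,
// identified by the SHA-256 fingerprint of its DER encoding.
public sealed class PinnedCertificateValidator : X509CertificateValidator
{
    private readonly string _pinnedSha256Hex;
    public PinnedCertificateValidator(string pinnedSha256Hex)
    {
        if (string.IsNullOrWhiteSpace(pinnedSha256Hex))
            throw new ArgumentException("A pinned fingerprint is required.", nameof(pinnedSha256Hex));
        // Tolerate the "AA:BB:..." and "AA BB ..." spellings that certificate tools print.
        _pinnedSha256Hex = pinnedSha256Hex.Replace(":", "").Replace(" ", "");
    }

    public override void Validate(X509Certificate2 certificate)
    {
        if (certificate == null)
            throw new AuthenticationException("The server presented no certificate.");
        string actual;
        using (var sha256 = SHA256.Create())
            actual = BitConverter.ToString(sha256.ComputeHash(certificate.RawData)).Replace("-", "");
        // Throwing rejects the certificate, so the request fails.
        if (!string.Equals(actual, _pinnedSha256Hex, StringComparison.OrdinalIgnoreCase))
            throw new AuthenticationException("Server certificate does not match the pinned fingerprint.");
        // NotBefore and NotAfter are reported in local time.
        if (DateTime.Now < certificate.NotBefore || DateTime.Now > certificate.NotAfter)
            throw new AuthenticationException("Pinned server certificate is outside its validity period.");
    }
}

public static class PinnedServiceCertificate
{
    // Call as Apply(client.ClientCredentials, "<SHA-256 fingerprint>") before opening the channel.
    public static void Apply(ClientCredentials credentials, string pinnedSha256Hex)
    {
        credentials.ServiceCertificate.SslCertificateAuthentication =
            new X509ServiceCertificateAuthentication
            {
                CertificateValidationMode = X509CertificateValidationMode.Custom,
                CustomCertificateValidator = new PinnedCertificateValidator(pinnedSha256Hex)
            };
    }
}
```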

Try the following:

BasicHttpBinding httpBindingbinding = new BasicHttpBinding { MaxReceivedMessageSize = 999999 };
httpBindingbinding.Security.Mode = BasicHttpSecurityMode.Transport;
httpBindingbinding.Security.Transport = new HttpTransportSecurity { ClientCredentialType = HttpClientCredentialType.Certificate };

The above HTTP setting is equivalent to the "System.serviceModel" XML generated in web.config in .NET Framework when connecting to WCF:

<bindings>
  <basicHttpBinding>
    <binding name="myBindingConfiguration1" maxReceivedMessageSize="999999">
      <security mode="Transport">
        <transport clientCredentialType="Certificate"/>
      </security>
    </binding>
  </basicHttpBinding>
</bindings>
