stackoom
  简体   繁体   中英

migrate to https in a c# self-hosted WFC service

 原文  2020-04-20 22:11:30       c#/ wcf/ https

Question

I've got a c# self-hosted WebService with an http endpoint. Everything works great, now I would like to migrate it in HTTPS. I've got the certificate, how can I do? Tnx

This is my app.config:

  <system.serviceModel>
<services>
  <service name="XWebServiceLib.XWebService" behaviorConfiguration="XWebServiceBehave">
    <host>
      <baseAddresses>
        <add baseAddress="http://10.82.80.21:80/XWebService"/> 
      </baseAddresses>
    </host>
    <endpoint address="http://10.82.80.21:80/XWebService" binding="basicHttpBinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="XWebServiceLib.IXWebService"/>
    <endpoint address="mex" binding="mexHttpBinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="IMetadataExchange"/>
  </service>
</services>
<behaviors>
  <serviceBehaviors>
    <behavior name="XWebServiceBehave">
      <serviceMetadata httpGetEnabled="true"/>
      <serviceDebug includeExceptionDetailInFaults="true"/>
      <dataContractSerializer maxItemsInObjectGraph="2147483647"/>
    </behavior>
  </serviceBehaviors>
</behaviors>

And this is how I start my WebService:

            var instance = new XWebService();

            svcHost = new ServiceHost(instance);                
            svcHost.Open();

1 answers

solution1
 0  2020-04-21 03:23:48

If above configuration works fine, it is enough that changing the binding type to enable Https.
We need to change the security mode of basichttpbinding to transport security mode.

   <system.serviceModel>
    <services>
      <service name="XWebServiceLib.XWebService" behaviorConfiguration="XWebServiceBehave">
        <host>
        </host>
        <endpoint address="https://10.82.80.21:80/XWebService" binding="basicHttpBinding" bindingConfiguration="mybinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="XWebServiceLib.IXWebService"/>
        <endpoint address="mex" binding="mexHttpsBinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="IMetadataExchange"/>
      </service>
    </services>
    <bindings>
      <basicHttpBinding>
        <binding name="mybinding">
          <security mode="Transport">
            <transport clientCredentialType="None"></transport>
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior name="XWebServiceBehave">
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true"/>
          <dataContractSerializer maxItemsInObjectGraph="2147483647"/>
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>

Alternatively, we could use the basichttpsbinding without applying the specific binding configuration.

  <system.serviceModel>
    <services>
      <service name="XWebServiceLib.XWebService" behaviorConfiguration="XWebServiceBehave">
        <host>
        </host>
        <endpoint address="https://10.82.80.21:80/XWebService" binding="basicHttpsBinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="XWebServiceLib.IXWebService"/>
        <endpoint address="mex" binding="mexHttpsBinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="IMetadataExchange"/>
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="XWebServiceBehave">
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true"/>
          <dataContractSerializer maxItemsInObjectGraph="2147483647"/>
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>

Subsequently, Https service endpoint requires us to bind a certificate to the specific port.
https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-configure-a-port-with-an-ssl-certificate
In general, we bind a certificate to the port with the below statement.

netsh http add sslcert ipport=0.0.0.0:8000 certhash=0000000000003ed9cd0c315bbb6dc1c08da5e6 appid={00112233-4455-6677-8899-AABBCCDDEEFF}

In IIS, it could be accomplished by the site-binding module.
https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-configure-an-iis-hosted-wcf-service-with-ssl
Feel free to let me know if there is anything I can help with.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Why/how to migrate self-hosted WCF service to IIS7? Self-hosted WCF service works with HTTP not with HTTPS Self-hosted SOAP Service C#.Net Self-Hosted Web service no loading Unable to talk to self-hosted WCF Service WCF Self-hosted service as an Azure Webjob WCF Design Approach For Self-Hosted Service Unable to connect to self-hosted WCF service WCF service (self-hosted) over HTTPS - Get negotiated SSL/TLS protocol version WCF: Controlling service endpoint name in self-hosted service
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM