WCF 4.5和带有x509证书的Soap UI

Question

我是WCF的新手，我可以获取一个.net客户端应用程序以使用证书与我的WCF Web服务进行通讯，但是我无法使NON WCF应用程序（例如Soap UI 5.0）正常工作。 我正在使用自签名证书进行测试，但是出现以下错误。

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing">
   <s:Header>
      <a:Action s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/soap/fault</a:Action>
   </s:Header>
   <s:Body>
      <s:Fault>
         <s:Code>
            <s:Value>s:Sender</s:Value>
            <s:Subcode>
               <s:Value xmlns:a="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">a:InvalidSecurity</s:Value>
            </s:Subcode>
         </s:Code>
         <s:Reason>
            <s:Text xml:lang="en-US">An error occurred when verifying security for the message.</s:Text>
     </s:Reason>
  </s:Fault>

我已根据本文https://community.smartbear.com/t5/SoapUI-Open-Source/Help-with-Certificate/td-p/41385设置了SOAP UI

这是我的网络配置

<system.serviceModel>
    <diagnostics>
      <messageLogging logEntireMessage="true" logMalformedMessages="true" logMessagesAtServiceLevel="true" logMessagesAtTransportLevel="true" maxMessagesToLog="3000" maxSizeOfMessageToLog="2000" />
</diagnostics>
<bindings>
  <wsHttpBinding>
    <binding name="wsHttpEndpointBinding">
      <security mode="TransportWithMessageCredential">
        <message clientCredentialType="Certificate" negotiateServiceCredential="false"
          algorithmSuite="Default" establishSecurityContext="false" />
      </security>
    </binding>
    <binding name="wsHttpEndpointBinding_https" messageEncoding="Text">
      <security mode="Transport">
        <transport clientCredentialType="None" proxyCredentialType="None" />
        <message clientCredentialType="None" negotiateServiceCredential="false"
          algorithmSuite="Default" establishSecurityContext="false" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
<services>
  <service behaviorConfiguration="ServiceBehaviors" name="OneService4.OneServiceWCF">
    <endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsHttpEndpointBinding" name="OneService" contract="OneService4.IOneServiceWCF" />
    <endpoint address="m" binding="wsHttpBinding" bindingConfiguration="wsHttpEndpointBinding_https" name="OneServiceHttps" contract="OneService4.IOneServiceWCF" />
    <!--<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
    <endpoint address="mex2" binding="mexHttpsBinding" contract="IMetadataExchange" />-->
  </service>
</services>
<behaviors>
  <serviceBehaviors>
    <behavior name="ServiceBehaviors" >
      <serviceSecurityAudit  auditLogLocation="Application" serviceAuthorizationAuditLevel="Failure" messageAuthenticationAuditLevel="Failure" suppressAuditFailure="true"  />
      <!-- To avoid disclosing metadata information, set the values below to false before deployment -->
      <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
      <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
      <serviceDebug includeExceptionDetailInFaults="true" />
      <useRequestHeadersForMetadataAddress>
        <defaultPorts>
          <add scheme="https" port="443" />
          <add scheme="http" port="80" />
        </defaultPorts>
      </useRequestHeadersForMetadataAddress>
      <serviceCredentials>
           <serviceCertificate findValue="WCFCert" x509FindType="FindBySubjectName" storeLocation="CurrentUser" storeName="TrustedPeople" />
        <clientCertificate>
          <authentication certificateValidationMode="None" revocationMode="NoCheck" />
        </clientCertificate>
      </serviceCredentials>
    </behavior>
  </serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />

Answer 1

根据您的web.config，服务安全审核已启用。 您可以在EventLogs中获得更多详细信息。 （打开您的事件查看器，并打开相应的应用程序文件夹，以了解发生安全错误的原因）。 然后，您可以解决实际上导致安全错误的问题。

这可能是由于您的安全绑定和SOAPUI哈希算法之间的不匹配所致。