[英]migrate to https in a c# self-hosted WFC service
我有一个 c# 自托管 WebService 和一个 http 端点。 一切正常,现在我想将它迁移到 HTTPS 中。 我有证书,我该怎么办? 肿瘤坏死因子
这是我的 app.config:
<system.serviceModel>
<services>
<service name="XWebServiceLib.XWebService" behaviorConfiguration="XWebServiceBehave">
<host>
<baseAddresses>
<add baseAddress="http://10.82.80.21:80/XWebService"/>
</baseAddresses>
</host>
<endpoint address="http://10.82.80.21:80/XWebService" binding="basicHttpBinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="XWebServiceLib.IXWebService"/>
<endpoint address="mex" binding="mexHttpBinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="XWebServiceBehave">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
</behavior>
</serviceBehaviors>
</behaviors>
这就是我启动 WebService 的方式:
var instance = new XWebService();
svcHost = new ServiceHost(instance);
svcHost.Open();
如果上述配置工作正常,更改绑定类型以启用 Https 就足够了。
我们需要将basichttpbinding的安全模式改为传输安全模式。
<system.serviceModel>
<services>
<service name="XWebServiceLib.XWebService" behaviorConfiguration="XWebServiceBehave">
<host>
</host>
<endpoint address="https://10.82.80.21:80/XWebService" binding="basicHttpBinding" bindingConfiguration="mybinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="XWebServiceLib.IXWebService"/>
<endpoint address="mex" binding="mexHttpsBinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="IMetadataExchange"/>
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="mybinding">
<security mode="Transport">
<transport clientCredentialType="None"></transport>
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="XWebServiceBehave">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true"/>
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
或者,我们可以使用 basichttpsbinding 而不应用特定的绑定配置。
<system.serviceModel>
<services>
<service name="XWebServiceLib.XWebService" behaviorConfiguration="XWebServiceBehave">
<host>
</host>
<endpoint address="https://10.82.80.21:80/XWebService" binding="basicHttpsBinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="XWebServiceLib.IXWebService"/>
<endpoint address="mex" binding="mexHttpsBinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="XWebServiceBehave">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true"/>
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
随后,Https 服务端点要求我们将证书绑定到特定端口。
https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-configure-a-port-with-an-ssl-certificate
通常,我们使用以下语句将证书绑定到端口。
netsh http add sslcert ipport=0.0.0.0:8000 certhash=0000000000003ed9cd0c315bbb6dc1c08da5e6 appid={00112233-4455-6677-8899-AABBCCDDEEFF}
在IIS中,可以通过站点绑定模块来完成。
https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-configure-an-iis-hosted-wcf-service-with-ssl
如果有什么我可以帮忙的,请随时告诉我。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.