[英]migrate to https in a c# self-hosted WFC service
我有一個 c# 自托管 WebService 和一個 http 端點。 一切正常,現在我想將它遷移到 HTTPS 中。 我有證書,我該怎么辦? 腫瘤壞死因子
這是我的 app.config:
<system.serviceModel>
<services>
<service name="XWebServiceLib.XWebService" behaviorConfiguration="XWebServiceBehave">
<host>
<baseAddresses>
<add baseAddress="http://10.82.80.21:80/XWebService"/>
</baseAddresses>
</host>
<endpoint address="http://10.82.80.21:80/XWebService" binding="basicHttpBinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="XWebServiceLib.IXWebService"/>
<endpoint address="mex" binding="mexHttpBinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="XWebServiceBehave">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
</behavior>
</serviceBehaviors>
</behaviors>
這就是我啟動 WebService 的方式:
var instance = new XWebService();
svcHost = new ServiceHost(instance);
svcHost.Open();
如果上述配置工作正常,更改綁定類型以啟用 Https 就足夠了。
我們需要將basichttpbinding的安全模式改為傳輸安全模式。
<system.serviceModel>
<services>
<service name="XWebServiceLib.XWebService" behaviorConfiguration="XWebServiceBehave">
<host>
</host>
<endpoint address="https://10.82.80.21:80/XWebService" binding="basicHttpBinding" bindingConfiguration="mybinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="XWebServiceLib.IXWebService"/>
<endpoint address="mex" binding="mexHttpsBinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="IMetadataExchange"/>
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="mybinding">
<security mode="Transport">
<transport clientCredentialType="None"></transport>
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="XWebServiceBehave">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true"/>
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
或者,我們可以使用 basichttpsbinding 而不應用特定的綁定配置。
<system.serviceModel>
<services>
<service name="XWebServiceLib.XWebService" behaviorConfiguration="XWebServiceBehave">
<host>
</host>
<endpoint address="https://10.82.80.21:80/XWebService" binding="basicHttpsBinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="XWebServiceLib.IXWebService"/>
<endpoint address="mex" binding="mexHttpsBinding" bindingNamespace="http://10.82.80.21:80/XWebService" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="XWebServiceBehave">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true"/>
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
隨后,Https 服務端點要求我們將證書綁定到特定端口。
https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-configure-a-port-with-an-ssl-certificate
通常,我們使用以下語句將證書綁定到端口。
netsh http add sslcert ipport=0.0.0.0:8000 certhash=0000000000003ed9cd0c315bbb6dc1c08da5e6 appid={00112233-4455-6677-8899-AABBCCDDEEFF}
在IIS中,可以通過站點綁定模塊來完成。
https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-configure-an-iis-hosted-wcf-service-with-ssl
如果有什么我可以幫忙的,請隨時告訴我。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.