WCF中的運輸安全

Question

我的解決方案中有2個控制台應用程序。 這是我的WCF服務：

using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.Text;

namespace TransportSecTaulty
{
    [ServiceContract]
    public interface ITestService
    {
        [OperationContract]
        void CallMe(string message);
    }
}


using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.Text;

namespace TransportSecTaulty
{
    public class TestService : ITestService
    {
        public void CallMe(string message)
        {
            Console.BackgroundColor = ConsoleColor.Green;
            Console.Write(message);
            Console.BackgroundColor = ConsoleColor.Black;
        }
    }
}

這是托管WCF服務的應用程序的app.config：

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <system.serviceModel>
        <behaviors>
            <serviceBehaviors>
                <behavior name="">
                    <serviceMetadata  httpsGetEnabled="true" />
                    <serviceDebug includeExceptionDetailInFaults="true" />
                </behavior>
            </serviceBehaviors>
        </behaviors>
        <services>
            <service name="TransportSecTaulty.TestService">
                <endpoint address="" binding="basicHttpBinding" bindingConfiguration="serviceConfig" contract="TransportSecTaulty.ITestService">
                    <identity>
                        <dns value="localhost" />
                    </identity>
                </endpoint>
                <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
                <host>
                    <baseAddresses>
                        <add baseAddress="https://localhost:8734/Design_Time_Addresses/TransportSecTaulty/TestService/" />
                    </baseAddresses>
                </host>
            </service>
        </services>
      <bindings>
        <basicHttpBinding>
          <binding name="serviceConfig">
            <security mode="Transport">
            </security>
          </binding>
        </basicHttpBinding>
      </bindings>
    </system.serviceModel>
</configuration>

我的服務正常啟動，沒有任何問題。 但是，當我嘗試在客戶端中添加服務引用時，出現此錯誤：

There was an error downloading 'https://localhost:8734/Design_Time_Addresses/TransportSecTaulty/TestService/'.
The underlying connection was closed: An unexpected error occurred on a send.
Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.
An existing connection was forcibly closed by the remote host
Metadata contains a reference that cannot be resolved: 'https://localhost:8734/Design_Time_Addresses/TransportSecTaulty/TestService/'.
An error occurred while making the HTTP request to https://localhost:8734/Design_Time_Addresses/TransportSecTaulty/TestService/. This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server.
The underlying connection was closed: An unexpected error occurred on a send.
Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.
An existing connection was forcibly closed by the remote host
If the service is defined in the current solution, try building the solution and adding the service reference again.

我無法在瀏覽器中瀏覽我的服務。 但是，同一件事在http上也可以正常使用。 問題僅出現在https中。

知道有什么問題嗎？

Answer 1

你有

<endpoint address="" 
          binding="basicHttpBinding" 
          bindingConfiguration="serviceConfig" 
          contract="TransportSecTaulty.ITestService">

但我希望您想要binding="basicHttpsBinding"

Answer 2

您正在嘗試使用https保護元數據，而服務本身是純http。 那真的是你想要的嗎？

MSDN上有一篇有關保護元數據的文章。 它還可以保護服務本身（這很合理-為什么要保護元數據而不保護服務？）

Answer 3

您應該使用WSHttpBinding ......