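How to use WCF wsHttpBinding with SSL?

Time: 2014-08-26 18:48:55

Tags: c# .net wcf

I need to develop a WCF web service hosted in a console app. I got it working using the Mutual Certificate (service and client) approach with SecurityMode.Message. But now I need to change the security mode to SecurityMode.Transport and use wsHttpBinding with SSL. I wrote this code to host the service, but I cannot get the WSDL through the browser, or execute any web method from the console app client.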

static void Main()
{
    var httpsUri = new Uri("https://localhost:8089/HelloServer");
    var binding = new WSHttpBinding();

    binding.Security.Mode = SecurityMode.Transport;
    binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;

    var host = new ServiceHost(typeof(WcfFederationServer.HelloWorld), httpsUri);
    host.AddServiceEndpoint(typeof(WcfFederationServer.IHelloWorld), binding, "", httpsUri);
    var mex = new ServiceMetadataBehavior();
    mex.HttpsGetEnabled = true;
    host.Description.Behaviors.Add(mex);

    // Open the service.
    host.Open();
    Console.WriteLine("Listening on {0}...", httpsUri);
    Console.ReadLine();

    // Close the service.
    host.Close();
}

The service starts, but https://localhost:8089/HelloServer returns nothing. In Fiddler, a GET request from the browser shows this message:

fiddler.network.https> HTTPS handshake to localhost failed. System.IO.IOException 

What am I missing here? Thanks

Edit:

Console Application Client Code

static void Main()
{
    try
    {
        var client = new HelloWorldHttps.HelloWorldClient();
        client.ClientCredentials.ClientCertificate.SetCertificate(
            StoreLocation.LocalMachine,
            StoreName.TrustedPeople,
            X509FindType.FindBySubjectName,
            "www.client.com");

        Console.WriteLine(client.GetData());
    }
    catch (Exception ex)
    {
        Console.WriteLine(ex.Message);
    }

    Console.ReadKey();
}

This error occurs:

Could not establish trust relationship for the SSL/TLS secure channel

1 answer:

Answer 0 (score: 1)

On the service side, you need to map the certificate to the specific port, as described here

http://msdn.microsoft.com/en-us/library/ms733791(v=vs.110).aspx

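For the client, you need to skip validation of certificate properties such as validity dates and domain by relaxing the certificate acceptance policy. The simplest way is to accept any certificate

ServicePointManager.ServerCertificateValidationCallback = (a,b,c,d) => true;

You can fine-tune the acceptance callback according to the documentation to best fit your needs.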
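
A narrower form of the acceptance callback mentioned in the answer, as an added example (not code from the answer's author): it keeps normal validation and falls back to accepting only one pinned certificate. The class name `PinnedServerCertificate` is hypothetical and `ExpectedThumbprint` is a placeholder for the thumbprint of the certificate bound to the service port.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper: call PinnedServerCertificate.Install() once,
// before creating HelloWorldHttps.HelloWorldClient.
static class PinnedServerCertificate
{
    // Placeholder (assumption): thumbprint of the certificate mapped to the
    // service port, as shown in the certificate's details.
    const string ExpectedThumbprint = "<SERVER-CERT-THUMBPRINT>";

    public static void Install()
    {
        // This callback is process-wide: it applies to every HTTPS request
        // made through ServicePointManager, not only to the WCF client.
        ServicePointManager.ServerCertificateValidationCallback = Validate;
    }

    static bool Validate(object sender, X509Certificate certificate,
                         X509Chain chain, SslPolicyErrors errors)
    {
        // Chain, name and dates all validated normally: accept.
        if (errors == SslPolicyErrors.None)
            return true;

        // The server presented no certificate at all: never accept.
        if (certificate == null)
            return false;

        // Validation failed (for example a self-signed test certificate or a
        // name mismatch on localhost). Accept only the one pinned certificate
        // instead of returning true for everything.
        string presented = new X509Certificate2(certificate).Thumbprint;
        string expected = ExpectedThumbprint.Replace(" ", "");
        bool pinned = string.Equals(presented, expected,
                                    StringComparison.OrdinalIgnoreCase);

        if (!pinned)
            Console.WriteLine("Rejected server certificate {0} ({1})",
                              presented, errors);
        return pinned;
    }
}
```

With the placeholder left unchanged, the callback rejects every certificate that fails normal validation, so the client fails closed until a real thumbprint is supplied.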