我正在尝试在WCF中让basicHttpBinding通过HTTPS工作。服务端似乎运行正常,但当我运行客户端并调用服务上的某个方法时,会得到以下异常:
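无法与主机(authority)'sfs-111:20023'建立SSL/TLS安全通道的信任关系。(英文原文:Could not establish trust relationship for the SSL/TLS secure channel with authority 'sfs-111:20023'.)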
我在下面提供了我的代码和配置文件。如果有人能提供帮助,我将非常感激。
请注意,我是WCF的新手。
这是我的服务APP.CONFIG:
<?xml version="1.0" encoding="utf-8"?>
<configuration>

  <!-- Debug-only WCF tracing: Information-level events plus activity
       correlation for System.ServiceModel are written to the .svclog file
       named below. -->
  <system.diagnostics>
    <sources>
      <source name="System.ServiceModel"
              switchValue="Information, ActivityTracing"
              propagateActivity="true">
        <listeners>
          <add name="traceListener"
               type="System.Diagnostics.XmlWriterTraceListener"
               initializeData="c:\tahseen\dd\WCFServer.svclog" />
        </listeners>
      </source>
    </sources>
  </system.diagnostics>

  <system.serviceModel>

    <behaviors>
      <serviceBehaviors>

        <!-- Metadata behavior with Windows authentication settings. The
             service element further down references SecureBehavior, so this
             behavior is defined but not applied in this file. -->
        <behavior name="DeltaServiceBehavior">
          <serviceMetadata httpGetEnabled="true" />
          <serviceCredentials>
            <windowsAuthentication includeWindowsGroups="false"
                                   allowAnonymousLogons="false" />
          </serviceCredentials>
          <dataContractSerializer maxItemsInObjectGraph="100000000" />
        </behavior>

        <!-- Behavior applied to the DeltaService service element.
             NOTE(review): httpGetEnabled publishes the WSDL over the
             plain-HTTP base address (port 20022); httpsGetEnabled is the
             HTTPS counterpart if metadata should stay inside the TLS channel. -->
        <behavior name="SecureBehavior">
          <serviceMetadata httpGetEnabled="true" />
          <serviceCredentials>
            <!-- PeerTrust accepts a client certificate that is present in the
                 TrustedPeople store. NOTE(review): with Transport security
                 over HTTPS the handshake is handled by the Windows HTTP
                 stack; confirm whether this mode is consulted for the
                 hosting setup in use. -->
            <clientCertificate>
              <authentication certificateValidationMode="PeerTrust" />
            </clientCertificate>
            <!-- Service certificate looked up by subject name sfs-Test in
                 LocalMachine\My. NOTE(review): a self-hosted HTTPS listener
                 presents whichever certificate is bound to the port at the
                 OS level (netsh http add sslcert), so confirm a binding
                 exists for port 20023. The subject sfs-Test also differs
                 from the host name SFS-111 used in the base addresses; a TLS
                 client compares the URL host with the certificate name, so
                 that mismatch on the bound certificate would be rejected by
                 default, as would a certificate the client does not trust. -->
            <serviceCertificate findValue="sfs-Test"
                                x509FindType="FindBySubjectName"
                                storeLocation="LocalMachine"
                                storeName="My" />
          </serviceCredentials>
          <!-- NOTE(review): 100000000 is a very high object-graph limit for a
               contract whose only operation exchanges a single int; a tighter
               value limits the work an oversized message can trigger. -->
          <dataContractSerializer maxItemsInObjectGraph="100000000" />
        </behavior>

      </serviceBehaviors>
    </behaviors>

    <bindings>
      <!-- HTTPS transport security; the client authenticates with an X.509
           certificate at the transport level. -->
      <basicHttpBinding>
        <binding name="HttpBinding_AlphaSystem">
          <security mode="Transport">
            <transport clientCredentialType="Certificate" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>

    <services>
      <service behaviorConfiguration="SecureBehavior"
               name="Alpha.Services.DeltaService.DeltaService">

        <!-- Metadata endpoint. bindingConfiguration is empty, so it gets the
             basicHttpBinding defaults (no transport security) and resolves
             against the http base address. -->
        <endpoint address="mex"
                  binding="basicHttpBinding"
                  bindingConfiguration=""
                  contract="IMetadataExchange" />

        <!-- Data endpoint. It uses HttpBinding_AlphaSystem (Transport plus
             client certificate), so it resolves against the https base
             address. -->
        <endpoint address=""
                  binding="basicHttpBinding"
                  bindingConfiguration="HttpBinding_AlphaSystem"
                  contract="Alpha.Services.DeltaService.IDeltaService" />

        <!-- One base address per scheme: http on 20022, https on 20023. -->
        <host>
          <baseAddresses>
            <add baseAddress="http://SFS-111:20022/DeltaService" />
            <add baseAddress="https://SFS-111:20023/DeltaService" />
          </baseAddresses>
        </host>

      </service>
    </services>

  </system.serviceModel>
</configuration>
这是我的客户端APP.CONFIG:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>

  <!-- WCF tracing for the client process: Information-level events plus
       activity correlation, written to the .svclog file named below. -->
  <system.diagnostics>
    <sources>
      <source name="System.ServiceModel"
              switchValue="Information, ActivityTracing"
              propagateActivity="true">
        <listeners>
          <add name="traceListener"
               type="System.Diagnostics.XmlWriterTraceListener"
               initializeData="c:\tahseen\dd\WCFClient.svclog" />
        </listeners>
      </source>
    </sources>
  </system.diagnostics>

  <system.serviceModel>

    <behaviors>
      <endpointBehaviors>
        <behavior name="ClientBehavior">
          <clientCredentials>
            <!-- Certificate the client presents to the service, found by
                 subject name sfs-Client in LocalMachine\My. -->
            <clientCertificate findValue="sfs-Client"
                               x509FindType="FindBySubjectName"
                               storeLocation="LocalMachine"
                               storeName="My" />
            <!-- NOTE(review): this validation mode belongs to WCF credential
                 validation. For an https endpoint the server certificate is
                 checked by System.Net during the TLS handshake (trusted chain
                 plus a name matching the URL host), which this setting
                 presumably does not relax; confirm. -->
            <serviceCertificate>
              <authentication certificateValidationMode="PeerTrust" />
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>

    <bindings>
      <basicHttpBinding>
        <!-- Timeouts, buffer sizes and reader quotas bound how long the
             client waits and how much response data it buffers and parses. -->
        <binding name="BasicHttpBinding_IDeltaService"
                 closeTimeout="00:01:00"
                 openTimeout="00:01:00"
                 receiveTimeout="00:10:00"
                 sendTimeout="00:01:00"
                 allowCookies="false"
                 bypassProxyOnLocal="false"
                 hostNameComparisonMode="StrongWildcard"
                 maxBufferSize="65536"
                 maxBufferPoolSize="524288"
                 maxReceivedMessageSize="65536"
                 messageEncoding="Text"
                 textEncoding="utf-8"
                 transferMode="Buffered"
                 useDefaultWebProxy="true">
          <readerQuotas maxDepth="32"
                        maxStringContentLength="8192"
                        maxArrayLength="16384"
                        maxBytesPerRead="4096"
                        maxNameTableCharCount="16384" />
          <!-- HTTPS transport security with a client certificate, matching
               the Transport / Certificate settings of the service binding. -->
          <security mode="Transport">
            <transport clientCredentialType="Certificate" realm="" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>

    <client>
      <endpoint address="https://sfs-111:20023/DeltaService"
                binding="basicHttpBinding"
                behaviorConfiguration="ClientBehavior"
                bindingConfiguration="BasicHttpBinding_IDeltaService"
                contract="DeltaService.IDeltaService"
                name="BasicHttpBinding_IDeltaService">
        <!-- NOTE(review): the address host is sfs-111 while the expected DNS
             identity is sfs-Test. The identity element is a WCF-level check
             and presumably does not alter the host-name comparison made in
             the TLS handshake; confirm which name the server certificate
             actually carries. -->
        <identity>
          <dns value="sfs-Test" />
        </identity>
      </endpoint>
    </client>

  </system.serviceModel>
</configuration>
这是我的服务代码:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.ServiceModel;
using System.ServiceModel.Description;
namespace Alpha.Services.DeltaService
{
/// <summary>
/// Service implementation of <see cref="IDeltaService"/>.
/// </summary>
public class DeltaService : IDeltaService
{
    /// <summary>Returns twice the supplied value.</summary>
    /// <param name="n">Value to double.</param>
    /// <returns>
    /// <c>2 * n</c>. No overflow check is written here, so the result wraps
    /// unless the project is compiled with overflow checking.
    /// </returns>
    public int timesTwo(int n)
    {
        int doubled = 2 * n;
        return doubled;
    }
}
// WCF service contract implemented by DeltaService. The service app.config
// names it as Alpha.Services.DeltaService.IDeltaService on the data endpoint.
// Declared without an access modifier.
[ServiceContract]
interface IDeltaService
{
// Operation exposed to clients: takes an int and returns an int.
// NOTE(review): the parameter name presumably appears in the generated
// contract metadata, so renaming it would change what clients see; confirm.
[OperationContract]
int timesTwo(int n);
}
/// <summary>Console host for the WCF service.</summary>
public class App
{
    /// <summary>
    /// Opens a <see cref="ServiceHost"/> for <see cref="DeltaService"/>, keeps it
    /// running until a key is pressed, then closes it.
    /// </summary>
    /// <param name="args">Command-line arguments (not read).</param>
    public static void Main(string[] args)
    {
        // No endpoints are added in code here, so the host depends on the
        // application configuration file for this service type.
        var host = new ServiceHost(typeof(DeltaService));
        host.Open();

        Console.WriteLine("Press any key to exit");
        Console.ReadKey();

        host.Close();
    }
}
}
这是我的客户端代码:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
namespace WCFClient
{
/// <summary>Console client that calls the service once.</summary>
class Program
{
    /// <summary>
    /// Creates the generated service proxy, calls timesTwo(5) and prints the result.
    /// </summary>
    /// <param name="args">Command-line arguments (not read).</param>
    static void Main(string[] args)
    {
        // The parameterless proxy constructor is used, so the endpoint address,
        // binding and client certificate presumably come from app.config.
        DeltaService.IDeltaService proxy = new DeltaService.DeltaServiceClient();

        // The first call is where the channel is opened; a TLS trust failure
        // would surface here as an exception.
        Console.WriteLine(proxy.timesTwo(5));
    }
}
}
答案 0 :(得分:2)
仅用于测试:尝试在客户端上禁用SSL证书验证:
http://webservices20.blogspot.com/2008/12/wcf-gotcha-disabling-ssl-validation.html
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
...
// ServicePointManager is static, so this callback is installed application-wide:
// it decides certificate acceptance for every HTTPS request that goes through
// ServicePointManager, not only for this WCF client.
ServicePointManager.ServerCertificateValidationCallback = OnValidationCallback;
...
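/// <summary>
/// Server-certificate validation callback for ServicePointManager. Reports why
/// the default validation rejected the certificate and accepts a failing
/// certificate only in DEBUG builds.
/// </summary>
/// <param name="sender">Object that raised the validation request (unused).</param>
/// <param name="cert">Certificate presented by the server; may be null.</param>
/// <param name="chain">Chain built for <paramref name="cert"/> (unused).</param>
/// <param name="errors">Policy errors found by the default validation.</param>
/// <returns>True when the connection may proceed.</returns>
public static bool OnValidationCallback(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors)
{
    // A certificate that passed the default checks is always accepted.
    if (errors == SslPolicyErrors.None)
    {
        return true;
    }

    // Surface the actual reason (name mismatch, untrusted chain, missing
    // certificate) so the certificate or the trust store can be corrected
    // instead of leaving validation switched off.
    System.Console.Error.WriteLine(
        "TLS validation failed for '{0}': {1}",
        cert == null ? "<no certificate>" : cert.Subject,
        errors);

#if DEBUG
    // Test-only bypass. Accepting a certificate that failed validation removes
    // server authentication: the client can no longer tell the real service
    // from an impostor on the network path.
    return true;
#else
    return false;
#endif
}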