我有一个使用WCF客户端调用Java Web Service的ASP.NET应用程序。通信工作直到需要证书。我更新了配置,但我在通话时收到错误。有没有人有配置的好例子?证书存储在证书库中。
在不需要客户证书时有效的配置:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="DocManagementSOAP" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Mtom" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://acme.com/services/docmanagement_V3"
binding="basicHttpBinding"
bindingConfiguration="DocManagementSOAP"
contract="FileNetDmsServiceReference.docManagement"
name="DocManagementSOAP" />
</client>
</system.serviceModel>
我尝试设置通过客户端证书失败的配置:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="DocManagementSOAP"
closeTimeout="00:01:00"
openTimeout="00:01:00"
receiveTimeout="00:10:00"
sendTimeout="00:01:00"
allowCookies="false"
bypassProxyOnLocal="false"
hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536"
maxBufferPoolSize="524288"
maxReceivedMessageSize="65536"
messageEncoding="Mtom"
textEncoding="utf-8"
transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Transport">
<transport clientCredentialType="Certificate" proxyCredentialType="None" realm=""/>
<message clientCredentialType="Certificate" algorithmSuite="Default"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://acme.com/services/docmanagement_V3"
binding="basicHttpBinding"
bindingConfiguration="DocManagementSOAP"
behaviorConfiguration="CertificateBehavior"
contract="ServiceReference.docManagement"
name="DocManagementSOAP">
<identity>
<dns value="cert.acme.com" />
</identity>
</endpoint>
</client>
<behaviors>
<endpointBehaviors>
<behavior name="CertificateBehavior">
<clientCredentials>
<clientCertificate x509FindType="FindBySubjectName" findValue="cert.acme.com" storeLocation="LocalMachine"/>
<serviceCertificate>
<authentication certificateValidationMode="PeerOrChainTrust"
revocationMode="NoCheck"
trustedStoreLocation="LocalMachine" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
答案 0 :(得分:1)
使用Microsoft技术支持后,这个配置终于奏效了:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="DocManagementSOAP"
messageEncoding="Mtom"
textEncoding="utf-8">
<security mode="Transport">
<transport clientCredentialType="Certificate" proxyCredentialType="None" realm="" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://acme.com/services/docmanagement_V3"
binding="basicHttpBinding"
behaviorConfiguration="cert"
bindingConfiguration="DocManagementSOAP"
contract="docManagement"
name="DocManagementSOAP" />
</client>
<behaviors>
<endpointBehaviors>
<behavior name="cert">
<clientCredentials>
<clientCertificate findValue="cert.acme.com"
storeLocation="LocalMachine"
storeName="My"
x509FindType="FindBySubjectName"/>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
注意:如果您的服务不支持MTOM,请删除或更改messageEncoding属性。