WebHttpBinding安全问题

Question

我创建了一个RESTful服务并实现了身份验证。它接受用户名和密码，然后授予访问所请求服务的权限。它工作正常。现在我想在我的服务上使用SSL。为此，我创建了证书，然后在IIS中我提供了所需的设置。但我的服务不起作用。我正在使用webHttpBinding。

我的服务方面的Web.Config是：

 <serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
<services>
    <service  behaviorConfiguration="ServiceBehavior" name="TestAPI">
      <host>
        <baseAddresses>
          <add baseAddress="https://localhost/AuthWithSSLTest/API/TestAPI.svc" />
        </baseAddresses>
      </host>
    <endpoint address="" behaviorConfiguration="RESTFriendly" bindingConfiguration="MywebHttpBinding"  binding="webHttpBinding" contract="ITestAPI" >
      </endpoint>
      <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
  </service>
</services>
<client /><bindings>
  <webHttpBinding>
    <binding name="MywebHttpBinding">
      <security mode="Transport" >
       <transport clientCredentialType="Certificate"/>
      </security> 
    </binding>
  </webHttpBinding>     
</bindings>
<behaviors>
  <endpointBehaviors>
    <behavior name="RESTFriendly">
      <webHttp />
    </behavior>
  </endpointBehaviors>
  <serviceBehaviors>
    <behavior name="ServiceBehavior">
      <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="true" />
      <serviceCredentials>
        <clientCertificate>
          <authentication revocationMode="NoCheck" />
        </clientCertificate>
        <serviceCertificate findValue="CN=tempCertClient" />
      </serviceCredentials>
    </behavior>
  </serviceBehaviors>
</behaviors>

在我的客户端app.config中我有

<system.serviceModel>
    <behaviors>
        <endpointBehaviors>
            <behavior name="NewBehavior">
                <clientCredentials>
                    <clientCertificate findValue="CN=tempCertClient" storeLocation="LocalMachine" />
                    <serviceCertificate>
                        <authentication certificateValidationMode="PeerTrust" revocationMode="NoCheck" />
                    </serviceCertificate>
                </clientCredentials>
            </behavior>
        </endpointBehaviors>
    </behaviors>
    <bindings>
        <customBinding>
            <binding name="WebHttpBinding_ITestAPI">

              <httpTransport/>
            </binding>
        </customBinding>
    </bindings>
    <client>
        <endpoint address="https://localhost/AuthWithSSLTest/API/API.svc/TestMethod"
            behaviorConfiguration="NewBehavior" binding="customBinding"
            bindingConfiguration="WebHttpBinding_ITestAPI"
            contract="TestAPI.ITestAPI" name="WebHttpBinding_ITestAPI" />
    </client>
</system.serviceModel>

当我尝试运行客户端时，它表示提供的URI方案Https无效，需要http。

当我尝试从VS2008调用Web服务时，它说“找不到与绑定WebHttpBinding的端点的方案https匹配的基址。注册的基址方案是[http]。”

如果我尝试从IIS运行Web服务，它会说“无法找到与绑定WebHttpBinding的端点的方案http匹配的基址。注册的基址方案是[https]。”

我尝试了谷歌搜索并尝试了所有建议的事情，但没有下降。请帮助。

先谢谢， 塔拉辛格

Answer 1

在您的客户端配置中，尝试更改：

<httpTransport/>

为：

<httpsTransport/>