Win XP上的自托管WCF SSL失败

时间:2013-08-29 16:17:13

标签: wcf ssl windows-xp wcf-binding wcf-security

尝试在Windows XP上为自托管WCF服务配置SSL端点。我的配置在Windows 7上运行正常;但Windows XP,使用相同的证书,没有响应。我收到服务器未找到错误。

当我运行netstat -an时,我可以看到该服务正在侦听端口443.没有冲突的应用程序在端口上侦听并且防火墙已关闭。

有没有人见过这个?关于如何解决的任何想法?

运行httpcfg query ssl会产生以下结果:

C:\Documents and Settings\Kane>httpcfg query ssl
    IP                      : 0.0.0.0:443
    Hash                    :  4857fcdc71a69b8df67bb7cb7c6fb1073a08f23
    Guid                    : {00000000-0000-0000-0000-000000000000}
    CertStoreName           : (null)
    CertCheckMode           : 0
    RevocationFreshnessTime : 0
    UrlRetrievalTimeout     : 0
    SslCtlIdentifier        : (null)
    SslCtlStoreName         : (null)
    Flags                   : 0
------------------------------------------------------------------------------
    IP                      : 0.0.0.0:8443
    Hash                    :  4857fcdc71a69b8df67bb7cb7c6fb1073a08f23
    Guid                    : {00000000-0000-0000-0000-000000000000}
    CertStoreName           : (null)
    CertCheckMode           : 0
    RevocationFreshnessTime : 0
    UrlRetrievalTimeout     : 0
    SslCtlIdentifier        : (null)
    SslCtlStoreName         : (null)
    Flags                   : 0
------------------------------------------------------------------------------

以下是我的配置文件:

<?xml version="1.0"?>
<configuration>
  <system.web>
    <compilation debug="true" targetFramework="4.0"/>
  </system.web>
  <system.serviceModel>
    <protocolMapping>
      <add binding="webHttpBinding" scheme="http"/>
    </protocolMapping>
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="false"/>
    <services>
      <service name="SomeWindowsService.SomeService" behaviorConfiguration="webServiceBehaviorConfig">
        <host>
          <baseAddresses>
            <add baseAddress="http://*:8080/"/>
            <add baseAddress="https://*/ssl/"/>
          </baseAddresses>
        </host>
        <!-- this endpoint is exposed at the base address provided by host: http://localhost:8080/someservice  -->
        <endpoint address="" binding="webHttpBinding"  behaviorConfiguration="WebHttpEndPointBehaviour" contract="SomeWindowsService.IFileAccessService"/>
        <endpoint name="someservice" address="someservice" binding="basicHttpBinding" bindingConfiguration="soapBindingConfig" contract="someservice"/>
        <endpoint name="someserviceSSL" address="ssl/someservice" binding="basicHttpBinding" bindingConfiguration="sslBindingConfig" contract="someservice"/>
        <endpoint address="mex" binding="mexHttpBinding" name="MetadataBinding" contract="IMetadataExchange"/>
      </service>
    </services>
    <!--Bindings-->
    <bindings>
      <basicHttpBinding>
        <binding name="soapBindingConfig" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
          <security mode="None"/>
          <readerQuotas maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxDepth="2147483647" maxNameTableCharCount="2147483647" maxStringContentLength="2147483647" />
        </binding>
        <binding name="sslBindingConfig" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
          <security mode="Transport"/>
          <readerQuotas maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxDepth="2147483647" maxNameTableCharCount="2147483647" maxStringContentLength="2147483647" />
        </binding>
      </basicHttpBinding>
    </bindings>
    <!--Behaviors-->
    <behaviors>
      <serviceBehaviors>
        <behavior name="webServiceBehaviorConfig">
          <serviceDebug includeExceptionDetailInFaults="true"/>
          <serviceMetadata httpGetEnabled="true" httpGetUrl="mex" httpsGetEnabled="true" httpsGetUrl="mex" />
          <dataContractSerializer maxItemsInObjectGraph="2147483647"/>
        </behavior>
      </serviceBehaviors>
      <endpointBehaviors>
        <behavior name="WebHttpEndPointBehaviour">
          <webHttp/>
        </behavior>
      </endpointBehaviors>
    </behaviors>
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>

  <startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/><AutoStartTerminals>false</AutoStartTerminals></startup></configuration>

1 个答案:

答案 0 :(得分:0)

好的,为了理解造成这个问题的原因,我必须首先打开schannel错误记录(http://support.microsoft.com/kb/260729)。

在:HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ Control \ SecurityProviders \ SCHANNEL下,我添加了一个新的注册DWORD:EventLogging,其值为7.然后重启机器。

然后看着日志,我看到了错误:

事件类型:错误 事件来源:Schannel 活动类别:无 事件ID:36870 日期:2013年8月29日 时间:晚上8:03:07 用户:N / A. 计算机:发展 描述: 尝试访问SSL服务器凭据私钥时发生致命错误。加密模块返回的错误代码是0x80090016。

有关详细信息,请参阅http://go.microsoft.com/fwlink/events.asp上的“帮助和支持中心”。

此错误导致我在搜索谷歌搜索以下文章后发现:http://support.microsoft.com/kb/939616:“致命错误0x80090016”

我重新导入了证书,问题解决了。

关键是要退出Windows。记录提醒了我证书问题。

相关问题
最新问题