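C# WCF and certificates FaultException

Time: 2010-09-11 22:56:22

Tags: c# visual-studio-2008 wcf certificate

I want to implement a WCF service with server and client certificates.

When I try to connect to the service on IIS, I get the following error: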

  

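Test method TestProject1.UnitTest1.TestMethod1 threw exception: System.ServiceModel.Security.SecurityNegotiationException: Secure channel cannot be opened because security negotiation with the remote endpoint has failed. This may be due to absent or incorrectly specified EndpointIdentity in the EndpointAddress used to create the channel. Please verify the EndpointIdentity specified or implied by the EndpointAddress correctly identifies the remote endpoint. ---> System.ServiceModel.FaultException: The request for security token has invalid or malformed elements..

My web.config: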

<system.serviceModel>
    <bindings>
       <wsHttpBinding>
          <binding name="DotNetStoreBinding" receiveTimeout="00:00:15">
             <reliableSession inactivityTimeout="00:00:20" />
             <security mode="Message">
                <message clientCredentialType="Certificate"/>
             </security>
          </binding>
       </wsHttpBinding>
    </bindings>
    <services>
        <service behaviorConfiguration="ServiceBehavior" name="WcfServiceCustumer.Service1">
            <endpoint binding="wsHttpBinding" contract="WcfServiceCustumer.IService1">
                <identity>
                    <dns value="localhost" />
                </identity>
            </endpoint>
            <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
        </service>
    </services>
    <behaviors>
        <serviceBehaviors>
            <behavior name="ServiceBehavior">
                <serviceMetadata httpsGetEnabled="true" httpGetEnabled="true"/>
                <serviceCredentials>
                    <serviceCertificate storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectDistinguishedName" findValue="CN=DotNetStore" />
                    <clientCertificate>
                      <certificate storeLocation="LocalMachine" storeName="TrustedPeople" x509FindType="FindBySubjectDistinguishedName" findValue="CN=Bob"/>
                      <authentication certificateValidationMode="PeerTrust" />
                    </clientCertificate>
                </serviceCredentials>
                <serviceDebug includeExceptionDetailInFaults="true"/>
            </behavior>
        </serviceBehaviors>
    </behaviors>
</system.serviceModel>

After creating the server, I created a new project and added a service reference. I call the service like this:

EndpointAddress address = new EndpointAddress(
        new Uri("http://localhost/CustomerServiceSite/Customer.svc"),
        EndpointIdentity.CreateDnsIdentity("DotNetStore"),
        new AddressHeaderCollection()
    );

WSHttpBinding binding = new WSHttpBinding();
binding.Security.Mode = SecurityMode.Message;
binding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;

var client = new CustomerService.Service1Client(binding, address);

client.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.PeerTrust;
client.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindBySubjectDistinguishedName, "CN=Bob");

IList<Product> allProducts = client.GetAllProducts();

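Any help would be appreciated.

1 answer:

Answer 0: (score: 1)

The problem occurred because of the certificates. I did not have the correct pairing on the client and service sides.

A detailed description of how to use certificates correctly can be found here: http://www.codeproject.com/KB/WCF/9StepsWCF.aspx?msg=3181718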
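One way to check the pairing the answer refers to, as an added example that is not code from the question or the answer: a small console program that looks up each certificate in the stores named in the question and compares thumbprints between the key-holding side and the trusting side. It assumes client and service run on the same machine (the question uses localhost) and that the client validates the service certificate against CurrentUser/TrustedPeople, the default trusted store location for `PeerTrust` on the client; `CertPairCheck` and `Probe` are names made up for this example.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;

static class CertPairCheck
{
    // Looks up subjectDn in the given store and returns the thumbprint of the
    // single match, or null when the lookup finds nothing, is ambiguous, or
    // the certificate lacks a required private key.
    static string Probe(StoreLocation loc, StoreName name, string subjectDn, bool needKey)
    {
        var store = new X509Store(name, loc);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // validOnly = false: PeerTrust does not require a chain to a trusted root.
            X509Certificate2Collection hits = store.Certificates.Find(
                X509FindType.FindBySubjectDistinguishedName, subjectDn, false);
            string label = loc + "/" + name + " " + subjectDn;
            if (hits.Count != 1)
            {
                Console.WriteLine("FAIL {0}: {1} matches (expected 1)", label, hits.Count);
                return null;
            }
            if (needKey && !hits[0].HasPrivateKey)
            {
                Console.WriteLine("FAIL {0}: no private key", label);
                return null;
            }
            Console.WriteLine("OK   {0}: {1}", label, hits[0].Thumbprint);
            return hits[0].Thumbprint;
        }
        finally { store.Close(); }
    }

    static void Main()
    {
        // Key-holding side of each pair (stores and subjects from the question).
        string svcKey = Probe(StoreLocation.LocalMachine, StoreName.My, "CN=DotNetStore", true);
        string cliKey = Probe(StoreLocation.CurrentUser, StoreName.My, "CN=Bob", true);
        // Trusting side: the service trusts Bob via LocalMachine/TrustedPeople.
        string svcTrustsCli = Probe(StoreLocation.LocalMachine, StoreName.TrustedPeople, "CN=Bob", false);
        // Assumption: the client keeps the default trusted store location (CurrentUser).
        string cliTrustsSvc = Probe(StoreLocation.CurrentUser, StoreName.TrustedPeople, "CN=DotNetStore", false);

        bool paired = svcKey != null && svcKey == cliTrustsSvc
                   && cliKey != null && cliKey == svcTrustsCli;
        Console.WriteLine(paired ? "Pairs match" : "Pairs do NOT match");
    }
}
```

Run it under the account that runs the client test, since the CurrentUser stores are per-user; a mismatch or a missing entry on either trusting side means the other party's public certificate still has to be imported there.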