HTTP 请求被禁止,客户端身份验证方案为 'Anonymous'。(将 HTTPS/SSL WCF 服务托管为 Windows 服务)

时间:2017-08-09 02:32:08

标签: wcf ssl https http-status-code-403

我创建了一个 WCF Web 服务,并使用 Windows 服务托管它。当我在配置文件中做了启用 SSL 的更改后,问题就出现了。我按照此处(http://www.digitallycreated.net/Blog/38/using-makecert-to-create-certificates-for-development)的说明,使用 makecert 命令创建了自签名证书,并且这些证书已添加到我机器的"受信任"(Trusted)和"个人"(Personal)文件夹中。虽然我能够浏览我的服务,但是当我用客户端应用程序调用服务方法时,会出现此错误(HTTP 请求被禁止,客户端身份验证方案为 'Anonymous'。)。我还使用 netsh 命令为我的端口配置了 SSL。

为了做到这一切,我遵循了本教程(http://talal-khan.blogspot.com/2010/02/hosting-https-ssl-wcf-as-windows.html)。

Windows 服务配置:

<?xml version="1.0" encoding="utf-8" ?>
<!-- Service-side WCF configuration for the self-hosted (Windows service) calculator:
     a single wsHttpBinding endpoint over HTTPS whose transport security requires a
     client certificate, plus an HTTPS metadata (mex) endpoint. -->
<configuration>
<system.serviceModel>

 <behaviors>
  <serviceBehaviors>
    <behavior name="OurServiceBehavior">
      <serviceCredentials>
        <clientCertificate>
          <!-- ChainTrust: a client certificate is accepted when it chains to a trusted root
               in the LocalMachine store. revocationMode="NoCheck" turns revocation checking
               off, so a revoked client certificate would still be accepted; that is usual for
               makecert development certificates but should be revisited before production. -->
          <authentication certificateValidationMode="ChainTrust" revocationMode="NoCheck"
            trustedStoreLocation="LocalMachine" />
        </clientCertificate>
        <!-- Service certificate looked up by thumbprint in LocalMachine\My.
             NOTE(review): for a self-hosted HTTPS endpoint the certificate presented during
             the TLS handshake is presumably the one bound to the port in HTTP.SYS with
             "netsh http add sslcert"; confirm that binding exists for the port in baseAddress
             and that it was created with clientcertnegotiation=enable. If HTTP.SYS does not
             ask for a client certificate, the request can arrive without one, which would
             match the reported 403 with scheme 'Anonymous'. -->
        <serviceCertificate findValue="24d7ac65704bc0a161cc2539d22ad2916f5cf4b0"
          storeLocation="LocalMachine" storeName="My" x509FindType="FindByThumbprint" />
      </serviceCredentials>
      <!-- Publishes service metadata (WSDL) over HTTPS GET. Metadata describes the whole
           contract to any caller that can reach it; consider disabling it outside development. -->
      <serviceMetadata httpsGetEnabled="true" />
    </behavior>
  </serviceBehaviors>
</behaviors>

<services>
  <service behaviorConfiguration="OurServiceBehavior" name="Service.Calculator">
    <host>
      <baseAddresses>
        <!-- NOTE(review): the service listens on port 8022, while the client configuration
             shown later on this page targets port 8782; verify which port is intended and
             that the SSL certificate binding was made for that same port. -->
        <add baseAddress="https://localhost:8022/CalculatorService" />
      </baseAddresses>
    </host>
    <!-- Application endpoint: relative address "" resolves to the base address above and
         uses the SecureBinding definition below. -->
    <endpoint address=""
      binding="wsHttpBinding" bindingConfiguration="SecureBinding"
      contract="Service.Calculator" />
    <!-- Metadata exchange endpoint over HTTPS at <base address>/mex. -->
    <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
  </service>
</services>

<bindings>
  <wsHttpBinding>
    <!-- NOTE(review): closeTimeout, openTimeout and sendTimeout are written "00:010:00"
         (three-digit minutes field), unlike receiveTimeout "00:10:00"; presumably ten
         minutes was intended. Confirm the value parses as expected.
         maxReceivedMessageSize and readerQuotas bound the size and shape of inbound
         messages; keep them as small as the contract allows. -->
    <binding name="SecureBinding" closeTimeout="00:010:00"
      openTimeout="00:010:00" receiveTimeout="00:10:00" sendTimeout="00:010:00"
      bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
      maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text"
      textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
      <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
        maxBytesPerRead="4096" maxNameTableCharCount="16384" />
      <reliableSession ordered="true" inactivityTimeout="00:10:00"
        enabled="false" />
      <!-- Transport security (HTTPS) with clientCredentialType="Certificate": the caller
           must authenticate with an X.509 client certificate at the TLS layer. -->
      <security mode="Transport">
        <transport clientCredentialType="Certificate" proxyCredentialType="None"
          realm="" />
      </security>
    </binding>
  </wsHttpBinding>
  </bindings>

  </system.serviceModel>
 </configuration>

这是客户端应用程序的配置(Client App config):

<?xml version="1.0" encoding="utf-8" ?>
<!-- Client-side configuration: calls the calculator service over HTTPS through
     wsHttpBinding and presents an X.509 client certificate at the transport layer. -->
<configuration>
 <system.net>
<settings>
  <!-- checkCertificateName="false" disables the check that the name in the server
       certificate matches the host being contacted. Any certificate that chains to a
       trusted root would then be accepted for this endpoint, so this belongs in
       development only; prefer a certificate whose subject matches the host name. -->
  <servicePointManager checkCertificateName="false"/>
 </settings>
</system.net>

 <system.serviceModel>
  <behaviors>
   <endpointBehaviors >
    <behavior name="SecureEpBehavior">

      <clientCredentials>
        <serviceCertificate>
          <!-- Validation settings for the service certificate: chain trust against the
               LocalMachine store, with revocation checking switched off (NoCheck), so a
               revoked service certificate would not be detected.
               NOTE(review): with security mode="Transport" the server certificate is
               presumably validated by the HTTPS stack rather than by these settings;
               confirm which validation path is actually in effect. -->
          <authentication certificateValidationMode="ChainTrust" trustedStoreLocation="LocalMachine" revocationMode="NoCheck"/>
        </serviceCertificate>
        <!-- Client certificate selected by thumbprint from LocalMachine\My.
             NOTE(review): verify that the account running the client can read this
             certificate's private key and that the service machine trusts its issuer;
             if no usable certificate can be sent, the call would be made without a client
             credential, which is consistent with the 'Anonymous' 403 reported above. -->
        <clientCertificate findValue="1df9b9ff70a1d876aec9f30e5a315604937f7c91"
          storeLocation="LocalMachine" storeName ="My" x509FindType="FindByThumbprint" />
      </clientCredentials>

    </behavior>
  </endpointBehaviors>

</behaviors>

<bindings>
  <wsHttpBinding>
    <!-- Mirrors the service binding: text encoding, no reliable session, bounded message
         size and reader quotas. Timeouts here use the "00:01:00" / "00:10:00" form. -->
    <binding name="WSHttpBinding_Calculator" closeTimeout="00:01:00"
        openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
        bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
        maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
        messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
        allowCookies="false">
      <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
          maxBytesPerRead="4096" maxNameTableCharCount="16384" />
      <reliableSession ordered="true" inactivityTimeout="00:10:00"
          enabled="false" />
      <!-- Transport security with a certificate client credential, matching the service.
           NOTE(review): the <message> element below presumably has no effect while
           mode="Transport"; message credentials apply to Message or
           TransportWithMessageCredential modes. The service binding has no such element. -->
      <security mode="Transport">
        <transport clientCredentialType="Certificate" proxyCredentialType="None"
            realm="" />
        <message clientCredentialType="Windows" negotiateServiceCredential="true" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
<client>
  <!-- NOTE(review): this endpoint targets port 8782, while the service configuration shown
       earlier on this page uses base address port 8022. Confirm the client reaches the
       intended listener and that the SSL binding with client certificate negotiation
       exists on the port actually used. -->
  <endpoint address="https://localhost:8782/CalculatorService/"
      binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_Calculator" behaviorConfiguration="SecureEpBehavior"
      contract="CalculatorService.Calculator" name="WSHttpBinding_Calculator" />
  </client>
  </system.serviceModel>
  </configuration>

0 个答案:

没有答案