我想连接到需要证书的服务参考。指定证书并尝试测试连接后,我会遇到这种错误:
其他信息:向https://100.100.100.60:8889/DEGSHost发出HTTP请求时发生错误。这可能是由于在HTTPS情况下未使用HTTP.SYS正确配置服务器证书。这也可能是由于客户端和服务器之间的安全绑定不匹配造成的。
请检查我的代码。 Test()方法:
[HttpGet]
public string Test ()
{
BankIdService.DegsNSSClient service = new BankIdService.DegsNSSClient();
service.ClientCredentials.ClientCertificate.Certificate = CertificateHelper.GetCertificate();
ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
var test = service.IsResponsePrepared(10);
long idRQ = service.SendRequest("BANKID", "P001", true, "");
return idRQ.ToString();
}
GetCertificate()方法:
public static X509Certificate2 GetCertificate()
{
string certThumbPrint = "b0460fd819b89038eddfa630f0b049eff0c8b588";
certThumbPrint = certThumbPrint.Replace("\u200e", string.Empty).Replace("\u200f", string.Empty).Replace(" ", string.Empty);
X509Store certStore = new X509Store(StoreName.My, StoreLocation.LocalMachine);
certStore.Open(OpenFlags.ReadOnly);
X509Certificate2Collection certCollection = certStore.Certificates
.Find(X509FindType.FindByThumbprint, certThumbPrint, false);
certStore.Close();
return certCollection[0];
}
Web.config:
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
https://go.microsoft.com/fwlink/?LinkId=301879
-->
<configuration>
<configSections>
</configSections>
<appSettings></appSettings>
<system.web>
<compilation debug="true" targetFramework="4.6.1"/>
<httpRuntime targetFramework="4.6.1"/>
</system.web>
<system.webServer>
<handlers>
<remove name="ExtensionlessUrlHandler-Integrated-4.0"/>
<remove name="OPTIONSVerbHandler"/>
<remove name="TRACEVerbHandler"/>
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler"
preCondition="integratedMode,runtimeVersionv4.0"/>
</handlers>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35"/>
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0"/>
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35"/>
<bindingRedirect oldVersion="1.0.0.0-5.2.3.0" newVersion="5.2.3.0"/>
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35"/>
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0"/>
</dependentAssembly>
</assemblyBinding>
</runtime>
<system.codedom>
<compilers>
<compiler language="c#;cs;csharp" extension=".cs"
type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.8.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
warningLevel="4" compilerOptions="/langversion:default /nowarn:1659;1699;1701"/>
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb"
type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.8.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
warningLevel="4" compilerOptions="/langversion:default /nowarn:41008 /define:_MYTYPE=\"Web\" /optionInfer+"/>
</compilers>
</system.codedom>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="DEGSHostEndpoint">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Certificate" />
<message clientCredentialType="Certificate" establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://100.100.100.60:8889/DEGSHost" binding="wsHttpBinding"
bindingConfiguration="DEGSHostEndpoint" contract="BankIdService.IDegsNSS"
name="DEGSHostEndpoint">
<identity>
<certificate encodedValue="AwAAAAEAAAAUAAAAeh9PPxoJdMjpm03i9L6+J1i12JwgAAAAAQAAADEDAAAwggMtMIICFaADAgECAhDUIxN7S0ngiEcKjY4OXrTGMA0GCSqGSIb3DQEBCwUAMCUxIzAhBgNVBAMTGkRFR1NWaW9sYXRpb24gUm9vdCBDQSBUZXN0MB4XDTE2MTIxNjA2NDQyNVoXDTE4MTIxMTIwMDAwMFowJDEiMCAGA1UEAxMZREVHU1Zpb2xhdGlvbiBTZXJ2ZXIgVGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALg4VpeI1wGjMmhVLEG5mgs9z8PthGe1GSlodiey0koziYLsF+4G+biV703FDoA9FLbWBiDFEFKhOMaKrOnd3i5WdllFj46BJ7v5rHFdY2prEt72yolP2ihJP24X6fyAis2ZvIx9BdgZxsQiD0JdjIT2lI+nWiQWrGT1YLmrfgxeMhAsIWEg3dNe0DtJ76QgXcQX2jJmZW8gDX/6MwyIRJ5EAUKmfG/V2Hr02LxXjMYZmOi+kYSmxXtyzQL+85hXnWYVy2fnqfG/gsOkT1DDx2mTJhRX0CzcX6sVnluvtXdRnzqRrhectbj/pZQIThLplbgwhXrjRMneHpLn1Xz/LscCAwEAAaNaMFgwVgYDVR0BBE8wTYAQKwKiInKj+crrB/DBLt8awaEnMCUxIzAhBgNVBAMTGkRFR1NWaW9sYXRpb24gUm9vdCBDQSBUZXN0ghBgGwmj3MkCkU75FhUOy1KdMA0GCSqGSIb3DQEBCwUAA4IBAQDEmCpOnxHcrcwgRb57IXgsVztvrFiRtRT32TBkiIVa3k1tdfjCv7e4RfES7dS8XV107yPi+tNgbiAmDBpcIRJWNgS4XuE9O+SDsBGRbra69OiVjFTbEsFmz8x4t7LneHmoOl4j/aI/onC8VE+Gcu8zMoS4U7GrZbteU6nx1rKfUUCvSQGlbRUiHx5s6IyLm/+aZeCNkTR6wWfymPp33AqiDgkItvHdaW4MMyVBXsq4HKC5LuzcOhfFpgXcoSkOOPTugACEAQKhH0xVDBH8HwgALtAZpFcANYviChprbLZZfzSgXZKs0zBmv2EnkwWJlZeoM5gXBeBXj4ZuH2S4aG0x" />
</identity>
</endpoint>
</client>
</system.serviceModel>
</configuration>
我试图切换添加HttpsEnabled设置为true的serviceMetada,但是我不知道如何在生成的配置文件上添加服务行为(我在配置中为null)。请帮我。预先感谢!