Problem with an HTTPS web service in .NET

Time: 2011-08-04 16:31:56

Tags: wcf ssl https

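I am new to .NET and SSL, and I am facing a problem establishing secure communication between a SOAP service and a client. It works fine over HTTP, but now we have to apply SSL. We got a certificate from a CA. The subsequent steps done are as follows: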

1) Enabled the port used by the service using httpcfg set ssl -i 0.0.0.0:777 -h <thumbprintkey>

2) httpcfg set urlacl -u https://<domanname>:777/TlsService/ServiceSecure -a D:(A;;GA;;;AN)

3) httpcfg set iplisten -i 0.0.0.0:777

The web service code is as follows:

WSHttpBinding binding = new WSHttpBinding();
binding.Security.Mode = SecurityMode.Transport;
binding.Security.Message.ClientCredentialType = MessageCredentialType.None;

ServiceHost host = new ServiceHost(typeof(DeviceObservationConsumer_hostPCDData), new Uri("https://<domainname>:777/TlsService/ServiceSecure"));
host.Credentials.ServiceCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, (string)"bd 35 ec c0 e6 b3 9a ac 74 09 09 c5 84 b8 fd 58 51 44 87 7d");

host.AddServiceEndpoint(typeof(IDeviceObservationConsumer_Binding_Soap12), binding, "");

ServiceMetadataBehavior smb = host.Description.Behaviors.Find<ServiceMetadataBehavior>();
// If not present, create one and add it; adding a second behavior of the same type throws
if (smb == null)
{
    smb = new ServiceMetadataBehavior();
    host.Description.Behaviors.Add(smb);
}
smb.HttpsGetEnabled = true;

// Add MEX endpoint
host.AddServiceEndpoint(ServiceMetadataBehavior.MexContractName, MetadataExchangeBindings.CreateMexHttpsBinding(), "mex");

host.Open();

The client code is as follows:

WSHttpBinding binding = new WSHttpBinding();
binding.Security.Mode = SecurityMode.Transport;
binding.Security.Message.ClientCredentialType = MessageCredentialType.None;

EndpointAddress addr = new EndpointAddress("https://<domainname>:777/TlsService/ServiceSecure");

ChannelFactory<DeviceObservationConsumer_PortType> myChannelFactory = new ChannelFactory<DeviceObservationConsumer_PortType>(binding, addr);
//myChannelFactory.Credentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, (string)"bd 35 ec c0 e6 b3 9a ac 74 09 09 c5 84 b8 fd 58 51 44 87 7d");

DeviceObservationConsumer_PortType client = myChannelFactory.CreateChannel();

CommunicatePCDDataRequest req = new CommunicatePCDDataRequest("ciao mamma guarda come mi diverto!");
CommunicatePCDDataResponse resp = client.CommunicatePCDData(req);

myChannelFactory.Close();

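The service and the client are both on the same PC.

I cannot access https://<domanname>:777/TlsService/ServiceSecure through a browser (I get a page not found error), and surely the client cannot access it either. Where could the problem be? Can someone help me?

Thanks in advance,

Lyudmila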

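2 Answers:

Answer 0 (score: 1)

My understanding is that WSHttpBinding uses HTTP as the transport protocol. To use HTTPS, you have to specify the HTTPS transport protocol.

I suggest you try a custom binding (instead of the preconfigured WSHttpBinding) together with HttpsTransportBindingElement.

Your configuration would look something like this: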

<customBinding>
    <binding name="myBinding">
        <reliableSession />
        <security><!-- Your security section goes here -->
        </security>
        <!-- The message encoding element must come before the transport, which is always last -->
        <textMessageEncoding />
        <httpsTransport />
    </binding>
</customBinding>

You can refer to customBinding for more information.

Answer 1 (score: 0)

This is the code we used this time. Service:

ServiceHost host = new ServiceHost(typeof(DeviceObservationConsumer_hostPCDData), new Uri("https://<PCname>:777/TlsService/ServiceSecure"));
CustomBinding tlsbinding = new CustomBinding();
tlsbinding.Name = "TlsBinding";

HttpsTransportBindingElement httpsTransport = new HttpsTransportBindingElement();
tlsbinding.Elements.Add(httpsTransport);

ServiceDebugBehavior sdb = host.Description.Behaviors.Find<ServiceDebugBehavior>();
// If not present, create one and add it; adding a second behavior of the same type throws
if (sdb == null)
{
    sdb = new ServiceDebugBehavior();
    host.Description.Behaviors.Add(sdb);
}
sdb.IncludeExceptionDetailInFaults = true;

ServiceMetadataBehavior smb = host.Description.Behaviors.Find<ServiceMetadataBehavior>();
// If not present, create one and add it
if (smb == null)
{
    smb = new ServiceMetadataBehavior();
    host.Description.Behaviors.Add(smb);
}
smb.HttpsGetEnabled = true;

// Add MEX endpoint
host.AddServiceEndpoint(ServiceMetadataBehavior.MexContractName, MetadataExchangeBindings.CreateMexHttpsBinding(), "mex");
// Add application endpoint
host.AddServiceEndpoint(typeof(IDeviceObservationConsumer_Binding_Soap12), tlsbinding, "");

host.Credentials.ServiceCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, (string)"bd 35 ec c0 e6 b3 9a ac 74 09 09 c5 84 b8 fd 58 51 44 87 7d");
// hosting the WS
host.Open();

Client:

CustomBinding binding = new CustomBinding();
binding.Name = "TlsBinding";

HttpsTransportBindingElement httpsTransport = new HttpsTransportBindingElement();
binding.Elements.Add(httpsTransport);

EndpointAddress addr = new EndpointAddress("https://<PCname>:777/TlsService/ServiceSecure");

ChannelFactory<DeviceObservationConsumer_PortType> myChannelFactory = new ChannelFactory<DeviceObservationConsumer_PortType>(binding, addr);

DeviceObservationConsumer_PortType client = myChannelFactory.CreateChannel();

CommunicatePCDDataRequest req = new CommunicatePCDDataRequest("ciao mamma guarda come mi diverto!");
CommunicatePCDDataResponse resp = client.CommunicatePCDData(req);

myChannelFactory.Close();

Do the rest of the steps done to get SSL working look OK to you?

Thanks again for your reply!

Lyudmila
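
Added example, not part of the original posts: a check of the certificate whose thumbprint is passed to httpcfg set ssl -h in the steps above. With transport security on a self-hosted endpoint, HTTP.SYS performs the TLS handshake and reads the certificate from the local machine store, so the lookup uses StoreLocation.LocalMachine; TlsCertPreflight and its method names are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper, not from the posts above.
static class TlsCertPreflight
{
    // Drop spaces and invisible characters that come along when a thumbprint is pasted.
    static string Normalize(string thumbprint)
    {
        return new string(thumbprint.Where(c => Uri.IsHexDigit(c)).ToArray()).ToUpperInvariant();
    }

    // Returns the problems found; an empty list means the certificate passed every check.
    public static List<string> Check(string thumbprint, string hostName)
    {
        var problems = new List<string>();
        string tp = Normalize(thumbprint);
        if (tp.Length != 40) problems.Add("thumbprint is not 40 hex digits (SHA-1)");

        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // validOnly = false: an expired or untrusted certificate is still returned and reported below.
            X509Certificate2Collection found = store.Certificates.Find(X509FindType.FindByThumbprint, tp, false);
            if (found.Count == 0)
            {
                problems.Add("certificate not found in LocalMachine\\My");
                return problems;
            }
            X509Certificate2 cert = found[0];
            if (!cert.HasPrivateKey) problems.Add("certificate has no private key");
            if (DateTime.Now < cert.NotBefore || DateTime.Now > cert.NotAfter)
                problems.Add("certificate is outside its validity period");
            if (!cert.Verify()) problems.Add("certificate chain does not validate on this machine");
            // Exact-name comparison only; wildcard or multi-name certificates need a fuller match.
            string dns = cert.GetNameInfo(X509NameType.DnsName, false);
            if (!string.Equals(dns, hostName, StringComparison.OrdinalIgnoreCase))
                problems.Add("certificate name '" + dns + "' does not match host '" + hostName + "'");
        }
        finally { store.Close(); }
        return problems;
    }

    static void Main(string[] args)
    {
        // args[0]: thumbprint given to httpcfg -h; args[1]: host name used in the https:// URL
        foreach (string p in Check(args[0], args[1])) Console.WriteLine("PROBLEM: " + p);
    }
}
```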