Question

我正在开发一个WCF服务，该服务将由客户在互联网上调用。该服务托管在IIS7中，仅接受http。对于客户从https打电话给我们，我们有一个反向代理，将请求转发到应用程序https到http。客户提供https网址以进行连接并顺利完成，并正确添加对服务的引用。当尝试创建客户端并添加端点https并执行它时会出现问题，如下所示：

System.ArgumentException：提供的URI方案“https”无效，
预计'http'。参数名称：via。

我留下了部分服务的web.config：

<bindings>
 <wsHttpBinding>
  <binding name="ConfigEP">
   <security mode="Message">
    <message clientCredentialType="Certificate" />
   </security>
  </binding>
 </wsHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true">
 <baseAddressPrefixFilters>
  <add prefix="http://serverInterno/App/"/>
 </baseAddressPrefixFilters>
</serviceHostingEnvironment>
<services>
 <service behaviorConfiguration="App.AppM_NameBehavior" name="App.AppM_Name">
  <endpoint address="" behaviorConfiguration="App.AppM_NameEPBehavior" binding="wsHttpBinding" bindingConfiguration="ConfigEP" name="App.AppM_NameEP" bindingNamespace="http://siteName/AppM_Name" contract="App.IAppM_Name" />
 </service>
</services>
<behaviors>
 <endpointBehaviors>
  <behavior name="App.AppM_NameEPBehavior">
   <wsdlExtensions location="https://urlsegura/App/Appm_Name.svc" singleFile="true" />
  </behavior>
 </endpointBehaviors>
 <serviceBehaviors>
  <behavior name="App.AppM_NameBehavior">
   <serviceDebug includeExceptionDetailInFaults="true" />
   <serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
   <serviceCredentials>
    <clientCertificate>
     <authentication customCertificateValidatorType="App.Validador, App" certificateValidationMode="Custom" />
    </clientCertificate>
    <serviceCertificate findValue="XX XX XX XX XX XX XX XX XX XX" x509FindType="FindBySerialNumber" />
   </serviceCredentials>
  </behavior>
 </serviceBehaviors>
</behaviors>
<extensions>
 <behaviorExtensions>
  <add name="wsdlExtensions" type="WCFExtras.Wsdl.WsdlExtensionsConfig, WCFExtras, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
 </behaviorExtensions>
</extensions>

这里是客户端的app.config：

<system.serviceModel>
 <behaviors>
  <endpointBehaviors>
   <behavior name="NewBehavior">
    <clientCredentials>
     <clientCertificate findValue="XX XX XX XX XX XX XX XX XX XX" x509FindType="FindBySerialNumber" />
    </clientCredentials>
   </behavior>
  </endpointBehaviors>
 </behaviors>
 <bindings>
  <wsHttpBinding>
   <binding name="App.AppM_NameEP" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
    <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
    <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />
    <security mode="Message">
     <transport clientCredentialType="None" proxyCredentialType="None" realm="" />
     <message clientCredentialType="Certificate" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true" />
    </security>
   </binding>
  </wsHttpBinding>
 </bindings>
 <client>
  <endpoint address="https://urlsegura/App/Appm_Name.svc" binding="wsHttpBinding" bindingConfiguration="App.AppM_NameEP" contract="App.IAppM_Name" name="App.AppM_NameEP">
   <identity>
    <certificate encodedValue="XXXX" />
   </identity>
  </endpoint>
 </client>
</system.serviceModel>

提前致谢。最好的问候。

Answer 1

我认为您的错误是由于您在配置上使用基于邮件的安全性而导致的。尝试将其更改为Transport（在客户端和服务配置文件中），以便它使用SSL进行安全性而不是加密消息。

如果绝对必须加密邮件，则可以使用TransportWithMessageCredential。希望有所帮助。

Answer 2

我不了解您描述的反向代理，但似乎您正在尝试支持HTTP和＆amp ;; HTTPS。为此，您需要添加第二个端点。您可以将服务配置为：

<wsHttpBinding>
 <binding name="ConfigEP">
  <security mode="Message">
   <message clientCredentialType="Certificate" />
  </security>
 </binding>
 <binding name="ConfigEPHttps">
  <security mode="TransportWithMessageCredential">
   <message clientCredentialType="Certificate" />
  </security>
 </binding>
</wsHttpBinding>

并添加新端点：

<service behaviorConfiguration="App.AppM_NameBehavior" name="App.AppM_Name">
 <endpoint address="" behaviorConfiguration="App.AppM_NameEPBehavior"
   binding="wsHttpBinding"
   bindingConfiguration="ConfigEP"
   name="App.AppM_NameEP" 
   bindingNamespace="http://siteName/AppM_Name"
   contract="App.IAppM_Name" />
 <endpoint address="secure" behaviorConfiguration="App.AppM_NameEPBehavior"
   binding="wsHttpBinding"
   bindingConfiguration="ConfigEPHttps"
   name="App.AppM_NameEPHttps" 
   bindingNamespace="http://siteName/AppM_Name"
   contract="App.IAppM_Name" />
</service>

您还需要进行此更改以通过HTTPS获取WSDL：

<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />

调用WCF服务互联网的问题

2 个答案: