2012-07-23 304 views

我有一個使用WCF客戶端調用Java Web服務的ASP.NET應用程序。在服務開始要求客戶端證書之前,通信一直正常。我更新了配置,但在調用服務時收到錯誤。有沒有人有這類配置的好例子?證書存儲在證書存儲區中。使用WCF客戶端消費非WCF服務並傳遞客戶端證書

不需要客戶端證書時可以正常運作的配置:

<!-- WCF client section for the DocManagementSOAP endpoint as it stood before the service
     asked for a client certificate: HTTPS transport security, no client credential. -->
<system.serviceModel>
  <bindings>
    <basicHttpBinding>
      <binding name="DocManagementSOAP"
               closeTimeout="00:01:00"
               openTimeout="00:01:00"
               receiveTimeout="00:10:00"
               sendTimeout="00:01:00"
               allowCookies="false"
               bypassProxyOnLocal="false"
               hostNameComparisonMode="StrongWildcard"
               maxBufferSize="65536"
               maxBufferPoolSize="524288"
               maxReceivedMessageSize="65536"
               messageEncoding="Mtom"
               textEncoding="utf-8"
               transferMode="Buffered"
               useDefaultWebProxy="true">
        <!-- Quotas that cap how much of a received message the XML reader will accept. -->
        <readerQuotas maxDepth="32"
                      maxStringContentLength="8192"
                      maxArrayLength="16384"
                      maxBytesPerRead="4096"
                      maxNameTableCharCount="16384" />
        <!-- mode="Transport": the exchange is protected by the HTTPS channel only. -->
        <security mode="Transport">
          <!-- clientCredentialType="None": the client sends no credential at the transport level. -->
          <transport clientCredentialType="None" proxyCredentialType="None" realm="" />
          <!-- Message-level settings are not used while mode is "Transport";
               the UserName value here has no effect on this binding. -->
          <message clientCredentialType="UserName" algorithmSuite="Default" />
        </security>
      </binding>
    </basicHttpBinding>
  </bindings>
  <client>
    <!-- The https address is what makes the Transport security mode above applicable. -->
    <endpoint address="https://acme.com/services/docmanagement_V3"
              binding="basicHttpBinding"
              bindingConfiguration="DocManagementSOAP"
              contract="FileNetDmsServiceReference.docManagement"
              name="DocManagementSOAP" />
  </client>
</system.serviceModel>

以下是無法運作的配置,我想在其中設置傳遞客戶端證書:

<!-- Configuration from the question that produced an error once the service required a
     client certificate. Kept exactly as posted so it can be compared with the working
     configuration given in the answer on this page. -->
<system.serviceModel> 
     <bindings> 
      <basicHttpBinding> 
       <binding name="DocManagementSOAP" 
         closeTimeout="00:01:00" 
         openTimeout="00:01:00" 
         receiveTimeout="00:10:00" 
         sendTimeout="00:01:00" 
         allowCookies="false" 
         bypassProxyOnLocal="false" 
         hostNameComparisonMode="StrongWildcard" 
         maxBufferSize="65536" 
         maxBufferPoolSize="524288" 
         maxReceivedMessageSize="65536" 
         messageEncoding="Mtom" 
         textEncoding="utf-8" 
         transferMode="Buffered" 
         useDefaultWebProxy="true"> 
        <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> 
        <!-- Transport mode with clientCredentialType="Certificate": the client certificate is
             presented on the HTTPS connection itself. -->
        <security mode="Transport"> 
         <transport clientCredentialType="Certificate" proxyCredentialType="None" realm=""/> 
         <!-- Message-level settings are not used while mode is "Transport"; the working
              configuration in the answer omits this element. -->
         <message clientCredentialType="Certificate" algorithmSuite="Default"/> 
        </security> 
       </binding> 
      </basicHttpBinding> 
     </bindings> 
     <client> 
      <!-- behaviorConfiguration ties this endpoint to the CertificateBehavior defined below. -->
      <endpoint address="https://acme.com/services/docmanagement_V3" 
         binding="basicHttpBinding" 
         bindingConfiguration="DocManagementSOAP" 
         behaviorConfiguration="CertificateBehavior" 
         contract="ServiceReference.docManagement" 
         name="DocManagementSOAP"> 
       <!-- NOTE(review): the expected service identity is cert.acme.com while the endpoint host
            is acme.com, and cert.acme.com is also the subject used to find the client
            certificate below. The working configuration in the answer has no identity
            element; confirm which name the server certificate actually carries. -->
       <identity> 
        <dns value="cert.acme.com" /> 
       </identity> 
      </endpoint>  
     </client> 
     <behaviors> 
      <endpointBehaviors> 
       <behavior name="CertificateBehavior"> 
        <clientCredentials> 
         <!-- No storeName is given here; the working configuration states storeName="My"
              explicitly. FindBySubjectName matches on part of the subject name, so more than
              one certificate in the store can satisfy it; FindByThumbprint selects exactly one.
              With storeLocation="LocalMachine" the account running the ASP.NET application
              also needs read access to the certificate's private key. -->
         <clientCertificate x509FindType="FindBySubjectName" findValue="cert.acme.com" storeLocation="LocalMachine"/> 
         <!-- revocationMode="NoCheck" switches off revocation checking for the service
              certificate, and PeerOrChainTrust also accepts a certificate that is only present
              in the trusted-people store; both widen what is accepted as the service.
              NOTE(review): these settings appear to govern WCF's own service-certificate
              validation rather than the HTTPS server certificate check used with
              mode="Transport"; confirm. The working configuration omits this element. -->
         <serviceCertificate> 
          <authentication certificateValidationMode="PeerOrChainTrust" 
              revocationMode="NoCheck" 
              trustedStoreLocation="LocalMachine" /> 
         </serviceCertificate> 
        </clientCredentials> 
       </behavior> 
      </endpointBehaviors> 
     </behaviors> 
    </system.serviceModel> 

回答


與微軟技術支持合作排查後,這是最終可以運作的配置:

<!-- WCF client section reported as working: HTTPS transport security with the client
     certificate supplied through an endpoint behavior. -->
<system.serviceModel>
  <bindings>
    <basicHttpBinding>
      <!-- Only the encoding attributes are set; every other binding attribute is left
           at its default value. -->
      <binding name="DocManagementSOAP" messageEncoding="Mtom" textEncoding="utf-8">
        <!-- The client certificate is presented on the HTTPS connection; there is no
             message-level security element. -->
        <security mode="Transport">
          <transport clientCredentialType="Certificate" proxyCredentialType="None" realm="" />
        </security>
      </binding>
    </basicHttpBinding>
  </bindings>
  <client>
    <!-- behaviorConfiguration="cert" attaches the client certificate behavior below. -->
    <endpoint name="DocManagementSOAP"
              address="https://acme.com/services/docmanagement_V3"
              binding="basicHttpBinding"
              bindingConfiguration="DocManagementSOAP"
              behaviorConfiguration="cert"
              contract="docManagement" />
  </client>
  <behaviors>
    <endpointBehaviors>
      <behavior name="cert">
        <clientCredentials>
          <!-- Looks the certificate up in the LocalMachine "My" store by subject name.
               FindBySubjectName matches on part of the subject name, so a second certificate
               with a similar subject makes the lookup ambiguous; FindByThumbprint pins one
               certificate. The account running the ASP.NET application needs read access to
               the certificate's private key.
               No serviceCertificate override is present, so this configuration does not
               relax service certificate or revocation checking. -->
          <clientCertificate storeLocation="LocalMachine"
                             storeName="My"
                             x509FindType="FindBySubjectName"
                             findValue="cert.acme.com" />
        </clientCredentials>
      </behavior>
    </endpointBehaviors>
  </behaviors>
</system.serviceModel>

注意:如果您的服務不支持MTOM,請移除或更改messageEncoding屬性。