0
我有一個問題,消耗Soap Web服務(瓦特/ att。)和MTOM需要客戶端證書身份驗證(相互?)。503錯誤消耗第三部分SOAP Web服務使用TLS 1.2和客戶端證書身份驗證與WCF
之前寫的東西我已經試過我告訴你我才能收到客戶端證書做:
- 我產生RSA密鑰與
openssl command openssl genrssa -out mykey.key 2048 - 有了這個關鍵的我「已經產生了CSR:
openssl req -new -key mykey.key -out mycsr.csr - 我才能收到客戶端證書發送此CSR到Web服務業主,他們給了我一個簽名CERTI ficate:certificate.cer
現在我已經得到了我已經添加在我的證書存儲在受信任的根證書頒發機構我的客戶端證書。
現在代碼:
首先我在Visual Studio中創建一個測試項目,我添加使用該服務的WSDL服務引用。
然後我寫了幾行代碼:
' Setting TLS 1.2 protocol '
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12
ServicePointManager.ServerCertificateValidationCallback = Function(sender1, certificate, chain, sslPolicyErrors)
Return True
End Function
'Creating endpoint and binding'
Dim endpoint As EndpointAddress = New EndpointAddress("https://myWebService.it/service-page")
Dim sslBinding As BasicHttpBinding = New BasicHttpBinding(BasicHttpSecurityMode.Transport)
'Setting CredentialType = Certificate'
sslBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate
'Getting the client certificate from the store'
Dim coll = New X509Store(StoreName.My, StoreLocation.CurrentUser)
coll.Open(OpenFlags.ReadOnly)
Dim cert = coll.Certificates.Find(X509FindType.FindByThumbprint, "76DB1454D4B25ACEAF2BAE465C310E3119278792", True)
'Creating the service'
Dim svc As SdITrasmissioneFileClient = New SdITrasmissioneFileClient(sslBinding, endpoint)
'Setting the certificate inside client credentials'
svc.ClientCredentials.ClientCertificate.Certificate = cert(0)
svc.Open()
'Calling the service'
Dim resp As RispostaEsito_Type = svc.Esito(New Esito_Type() With {.IDFile = "4454555"})
svc.Close()
在我看來很簡單的,但是當我執行我的代碼,我收到了
System.ServiceModel.Security.MessageSecurityException: 'The HTTP request was forbidden with client authentication scheme 'Anonymous'.'
Internal Exception: WebException: Remote Server Error: (403) Forbidden
下一頁我使用招和Wireshark分析交通我發現,在客戶端和服務器之間的TLS握手期間,客戶端不會將證書發送到服務器。
現在我也不明白爲什麼,即使我添加的證書到客戶端憑證,它不發送到目的地。