0
我使用Pluralsight Selfcert創建證書。當我在wcf服務中使用它時,它需要一個SecurityNegotiation異常。我搜索它並找到了解決方案。我在Web.config的clientCertificate中放入了certificateValidationMode =「None」,但問題沒有解決。但如果我把這個命令放在客戶端app.config問題上解決。但我不想更改我的客戶端配置。爲什麼這個命令在服務器端不起作用?有沒有其他方法?WCF SecurityNegotiationException當使用無證書證書驗證方式
X.509證書CN = QtasCert chain building failed。使用的 證書具有無法驗證的信任鏈。 替換證書或更改certificateValidationMode。 A 證書鏈已處理,但終止於信任提供商不信任的根證書 。
<services>
<service name="ArchiveBoundedContext.WcfService.WcfServices.ArchiveWcfService">
<endpoint address="" binding="netTcpBinding" bindingConfiguration="QTasBinding" name="QTasEndpoint" contract="ArchiveBoundedContext.WcfService.WcfServices.IArchiveWcfService" />
<endpoint address="mex" binding="mexTcpBinding" name="QTasMex" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost:808/WcfServices/" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceSecurityAudit auditLogLocation="Application" serviceAuthorizationAuditLevel="SuccessOrFailure" messageAuthenticationAuditLevel="SuccessOrFailure" suppressAuditFailure="true" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="ArchiveBoundedContext.WcfService.ServiceAuthenticator, ArchiveBoundedContext.WcfService" />
<serviceCertificate findValue="QtasCert" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
<clientCertificate>
<authentication certificateValidationMode="None" revocationMode="NoCheck" />
</clientCertificate>
</serviceCredentials>
<serviceAuthorization principalPermissionMode="UseAspNetRoles" />
<serviceMetadata httpGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
也許它不會在服務器端運行的原因是,它是在客戶端,這個特殊的驗證發生:)你可以導入證書的受信任根存儲在客戶端機器來消除這種錯誤。 –