對我來說又是一個奇怪的問題。無法建立具有權威'localhost'奇怪問題的SSL/TLS安全通道的信任關係
當我重新將我的wcf從http重定向到https時,當我嘗試從UI調用.svc方法時,我開始出現此異常「無法爲權限'localhost'建立SSL/TLS安全通道的信任關係問題」。 同樣在InnerException中,我得到了這個:「遠程證書根據驗證過程是無效的」。
我:
FunctionalApplicationBlock.InitializeWithShielding("BusinessServices Application");
if (Microsoft.WindowsAzure.CloudConfigurationManager.GetSetting("SkipServerCertificateValidation") == "true")
{
ServicePointManager.ServerCertificateValidationCallback = (snder, cert, chain, error) => true;
}
在Globasl.asax
我:
<system.identityModel>
<identityConfiguration>
<certificateValidation certificateValidationMode="None"/>
</identityConfiguration>
</system.identityModel>
在Web.config中
。
我的綁定是:
<behaviors>
<serviceBehaviors>
<behavior name="CustomeBehavior">
<serviceAuthorization principalPermissionMode="Custom">
<authorizationPolicies>
<add policyType="Security.BusinessAuthorizationPolicy, Security" />
</authorizationPolicies>
</serviceAuthorization>
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="SecurityOff">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" minFreeMemoryPercentageToActivateService="0" />
<bindings>
<basicHttpsBinding>
<binding name="BasicHttpsBinding" sendTimeout="00:05:00" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text">
<readerQuotas maxDepth="2000000" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
</binding>
</basicHttpsBinding>
</bindings>
我看不出哪裏有可能是一個問題。此外,我仍然可以調用.svc方法,而不會從HomeController中發現任何問題。
所以,有我的問題 - 它是什麼以及爲什麼發生這種情況後,從http更改爲https(或有其他原因)?
編輯: 客戶端設置:
public static ChannelFactory<IBusiness> CreateFactory()
{
var authorization = new Authorization()
{
Key = GlobalConfig.BusinessAuthorizationKey
};
AddressHeader header = AddressHeader.CreateAddressHeader(authorization);
var address = new EndpointAddress(new Uri(ClientConfig.BusinessServiceEndpoint), header);
var channel = new ChannelFactory<IBusiness>(address.ResolveBinding(), address);
var bind = Helper.ResolveBinding(address);
if (bind is BasicHttpBinding)
{
var bindings = bind as BasicHttpBinding;
bindings.MaxBufferPoolSize = 2147483647;
bindings.MaxBufferSize = 2147483647;
bindings.MaxReceivedMessageSize = 2147483647;
bindings.MessageEncoding = WSMessageEncoding.Text;
bindings.ReaderQuotas.MaxArrayLength = 2147483647;
bindings.ReaderQuotas.MaxBytesPerRead = 2147483647;
bindings.ReaderQuotas.MaxDepth = 2147483647;
bindings.ReaderQuotas.MaxNameTableCharCount = 2147483647;
bindings.ReaderQuotas.MaxStringContentLength = 2147483647;
bindings.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
channel.Endpoint.Binding = bindings;
}
else
{
var bindings = bind as BasicHttpsBinding;
bindings.MaxBufferPoolSize = 2147483647;
bindings.MaxBufferSize = 2147483647;
bindings.MaxReceivedMessageSize = 2147483647;
bindings.MessageEncoding = WSMessageEncoding.Text;
bindings.ReaderQuotas.MaxArrayLength = 2147483647;
bindings.ReaderQuotas.MaxBytesPerRead = 2147483647;
bindings.ReaderQuotas.MaxDepth = 2147483647;
bindings.ReaderQuotas.MaxNameTableCharCount = 2147483647;
bindings.ReaderQuotas.MaxStringContentLength = 2147483647;
bindings.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
channel.Endpoint.Binding = bindings;
}
return channel;
}
Em..does I undersand correct,I need to add self-signed certificate in IIS to my business service? –
那麼,多虧了嘗試,但我已經綁定了自簽名證書。剛剛發現。 –
郵政編碼如何客戶端連接 –