2012-04-23 110 views
1

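https through basicHttpBinding in WCF

I am trying to get https working with basicHttpBinding in WCF. The service seems to run fine, but when I try to run my client and call one of its methods, I get the following exception:

Could not establish trust relationship for the SSL/TLS secure channel with authority 'sfs-111:20023'.

I have included my code and configuration files below. I would be very grateful if anyone could help.

Please note that I am new to WCF.

Here is the app.config for my service: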

<?xml version="1.0" encoding="utf-8"?> 
<configuration> 

    <!-- DEBUG - TURN ON TRACING --> 
    <system.diagnostics> 
     <sources> 
      <source name="System.ServiceModel" switchValue="Information, ActivityTracing" propagateActivity="true"> 
       <listeners> 
        <add name="traceListener" 
          type="System.Diagnostics.XmlWriterTraceListener" 
          initializeData= "c:\tahseen\dd\WCFServer.svclog" /> 
       </listeners> 
      </source> 
     </sources> 
    </system.diagnostics> 

    <system.serviceModel> 
     <behaviors> 
      <serviceBehaviors> 

       <!-- BEHAVIOR FOR META DATA --> 
       <behavior name="DeltaServiceBehavior"> 
        <serviceMetadata httpGetEnabled="true" /> 
        <serviceCredentials> 
         <windowsAuthentication includeWindowsGroups="false" allowAnonymousLogons="false" /> 
        </serviceCredentials> 
        <dataContractSerializer maxItemsInObjectGraph="100000000" /> 
       </behavior> 

       <!-- BEHAVIOR FOR TRANSPORT SECURITY --> 
       <behavior name="SecureBehavior"> 
        <serviceMetadata httpGetEnabled="true"/> 
        <serviceCredentials> 
         <clientCertificate> 
          <authentication certificateValidationMode="PeerTrust" /> 
         </clientCertificate> 
         <serviceCertificate findValue="sfs-Test" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My" /> 
        </serviceCredentials> 
        <dataContractSerializer maxItemsInObjectGraph="100000000" /> 
       </behavior> 

      </serviceBehaviors> 
     </behaviors> 

     <bindings> 

      <!-- DEFINE BINDING --> 
      <basicHttpBinding> 
       <binding name="HttpBinding_AlphaSystem"> 
        <security mode="Transport"> 
         <transport clientCredentialType="Certificate" /> 
        </security> 
       </binding> 
      </basicHttpBinding> 

     </bindings>   
     <services> 

      <!-- DEFINE SERVICE --> 
      <service behaviorConfiguration="SecureBehavior" name="Alpha.Services.DeltaService.DeltaService"> 

       <!-- ENDPOINT FOR METADATA --> 
       <endpoint address="mex" binding="basicHttpBinding" bindingConfiguration="" contract="IMetadataExchange" /> 

       <!-- ENDPOINT FOR DATA --> 
       <endpoint address="" binding="basicHttpBinding" bindingConfiguration="HttpBinding_AlphaSystem" contract="Alpha.Services.DeltaService.IDeltaService"/>      

       <!-- BASE ADDRESSES FOR SERVICE--> 
       <host> 
        <baseAddresses> 
         <add baseAddress="http://SFS-111:20022/DeltaService" /> 
         <add baseAddress="https://SFS-111:20023/DeltaService" /> 
        </baseAddresses> 
       </host> 
      </service> 

     </services> 
    </system.serviceModel> 
</configuration> 

Here is the app.config for my client:

<?xml version="1.0" encoding="utf-8" ?> 
<configuration> 
    <system.diagnostics> 
     <sources> 
      <source name="System.ServiceModel" switchValue="Information, ActivityTracing" propagateActivity="true"> 
       <listeners> 
        <add name="traceListener" type="System.Diagnostics.XmlWriterTraceListener" initializeData="c:\tahseen\dd\WCFClient.svclog" /> 
       </listeners> 
      </source> 
     </sources> 
    </system.diagnostics> 

    <system.serviceModel> 

     <!-- DEFINE SECURE BEHAVIOR --> 
     <behaviors> 
      <endpointBehaviors> 
       <behavior name="ClientBehavior"> 
        <clientCredentials> 
         <clientCertificate findValue="sfs-Client" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My" /> 
         <serviceCertificate> 
          <authentication certificateValidationMode="PeerTrust"/> 
         </serviceCertificate> 
        </clientCredentials> 
       </behavior> 
      </endpointBehaviors> 
     </behaviors> 

     <bindings> 
      <basicHttpBinding> 
       <binding name="BasicHttpBinding_IDeltaService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" 
     bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" 
     messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"> 
        <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" 
         maxBytesPerRead="4096" maxNameTableCharCount="16384" /> 
        <security mode="Transport"> 
         <transport clientCredentialType="Certificate" realm="" /> 
        </security> 
       </binding> 
      </basicHttpBinding> 
     </bindings> 
     <client> 
      <endpoint address="https://sfs-111:20023/DeltaService" binding="basicHttpBinding" behaviorConfiguration ="ClientBehavior" 
       bindingConfiguration="BasicHttpBinding_IDeltaService" contract="DeltaService.IDeltaService" 
       name="BasicHttpBinding_IDeltaService"> 
       <identity> 
        <dns value="sfs-Test" /> 
       </identity> 
      </endpoint> 
     </client> 
    </system.serviceModel> 
</configuration> 

Here is my service code:

using System; 
using System.Collections.Generic; 
using System.Linq; 
using System.Text; 
using System.ServiceModel; 
using System.ServiceModel.Description; 

namespace Alpha.Services.DeltaService 
{ 
    public class DeltaService : IDeltaService 
    { 
     public int timesTwo(int n) 
     { 
      return n * 2; 
     } 
    } 

    [ServiceContract] 
    interface IDeltaService 
    { 
     [OperationContract] 
     int timesTwo(int n); 
    } 

    public class App 
    { 
     public static void Main(string[] args) 
     { 
      //DeltaService service = new DeltaService(); 
      ServiceHost serviceHost = new ServiceHost(typeof(DeltaService)); 
      serviceHost.Open(); 

      Console.WriteLine("Press any key to exit"); 
      Console.ReadKey(); 

      serviceHost.Close(); 
     } 
    } 
} 

Here is my client code:

using System; 
using System.Collections.Generic; 
using System.Linq; 
using System.Text; 

namespace WCFClient 
{ 
    class Program 
    { 
     static void Main(string[] args) 
     { 
      DeltaService.IDeltaService service = new DeltaService.DeltaServiceClient(); 

      int result = service.timesTwo(5); 

      Console.WriteLine(result); 
     } 
    } 
} 
+1

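Are you running these tests on the same machine? Have you configured the certificates correctly in the Windows certificate store? Those PeerTrust settings do not apply to HTTPS, because HTTPS is handled directly by the Windows operating system. – 2012-04-23 10:18:48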

+0

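How do I check whether the certificates are configured correctly? Also, if PeerTrust doesn't work, what should I change it to? Please excuse my ignorance, as I am new to WCF and certificates. – user1229458 2012-04-23 10:28:28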

+0

Are these certificates self-signed? – 2012-04-23 10:36:47

Answers

2

Just for testing, try disabling SSL validation on the client:

http://webservices20.blogspot.com/2008/12/wcf-gotcha-disabling-ssl-validation.html

using System.Net; 
using System.Net.Security; 
using System.Security.Cryptography.X509Certificates; 
... 
ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(OnValidationCallback); 
... 
// Test-only callback: accepts every server certificate, whatever the validation errors.
public static bool OnValidationCallback(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors) 
{ 
    return true; 
} 
+0

Maybe I'm missing something, but doesn't this defeat the whole point of the exercise? How do I get SSL validation to work without disabling it? – user1229458 2012-04-24 08:56:08

+0

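This will help determine whether the problem is really related to certificate validation or whether there is some other problem. If it is the former, you need to install the certificate authority in the x.509 certificate authorities store – 2012-04-24 10:31:12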
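The same diagnosis can be done without accepting an untrusted certificate. The following is an added example, not code from the answer or from the linked post: a callback that reports why validation failed (host-name mismatch or chain errors) and still rejects the connection. The class and method names `TlsDiagnostics`, `Install` and `LogAndValidate` are hypothetical.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

public static class TlsDiagnostics
{
    // Call once, before the WCF client proxy is created.
    public static void Install()
    {
        ServicePointManager.ServerCertificateValidationCallback = LogAndValidate;
    }

    // Logs the reason for a validation failure; never overrides the verdict.
    public static bool LogAndValidate(object sender, X509Certificate cert,
                                      X509Chain chain, SslPolicyErrors errors)
    {
        if (errors == SslPolicyErrors.None)
            return true;

        Console.Error.WriteLine("TLS validation failed: {0}", errors);
        if (cert != null)
        {
            Console.Error.WriteLine("  Subject: {0}", cert.Subject);
            Console.Error.WriteLine("  Issuer:  {0}", cert.Issuer);
        }

        // The host in the endpoint address must match the certificate's name.
        if ((errors & SslPolicyErrors.RemoteCertificateNameMismatch) != 0)
            Console.Error.WriteLine("  Host name in the endpoint address does not match the certificate.");

        // Chain errors cover untrusted roots (typical for self-signed test
        // certificates), expiry and revocation problems.
        if ((errors & SslPolicyErrors.RemoteCertificateChainErrors) != 0 && chain != null)
        {
            foreach (X509ChainStatus status in chain.ChainStatus)
                Console.Error.WriteLine("  Chain: {0} - {1}",
                                        status.Status, status.StatusInformation.Trim());
        }

        return false; // keep rejecting; fix the certificate or trust store instead
    }
}
```

Calling `TlsDiagnostics.Install()` at the start of the client's `Main` prints the failure reason to standard error when `service.timesTwo(5)` is invoked, while the call still fails with the original exception.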