Https證書錯誤，IIS上的WCF服務

Question

我想組織客戶端和WCF服務之間的安全連接。必須確保客戶能夠信任該服務。

我已經爲本地機器上的Trusted Root和Personal存儲創建了兩個證書。我可以在證書加載項中看到正確的證書路徑。 證書通用名是localhost。

我在IIS上添加了https綁定。

我有以下配置

行爲

<behavior name="AgencyTrustedServiceBehavior"> 
     <dataContractSerializer maxItemsInObjectGraph="10000000" /> 
     <serviceMetadata httpsGetEnabled="true" policyVersion="Policy15" /> 
     <serviceDebug includeExceptionDetailInFaults="true" /> 

     <serviceCredentials> 
     <clientCertificate> 
      <authentication certificateValidationMode="None" /> 
     </clientCertificate> 

     <serviceCertificate findValue="localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" /> 

     </serviceCredentials> 
    </behavior> 

綁定

<wsHttpBinding> 
    <binding name="InternetServiceBinding" closeTimeout="00:10:00" 
      openTimeout="00:10:00" sendTimeout="00:10:00" bypassProxyOnLocal="true" 
      maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" 
      messageEncoding="Mtom"> 
     <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" 
     maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" /> 
     <security mode="Transport"> 
     <transport clientCredentialType="None"> 
      <extendedProtectionPolicy policyEnforcement="Never" /> 
     </transport> 
     </security> 
    </binding> 
    </wsHttpBinding> 

端點

<service behaviorConfiguration="AgencyTrustedServiceBehavior" name="Megatec.MasterTourService.AuthService"> 
    <endpoint address="Anonymous" 
       binding="wsHttpBinding" 
       bindingConfiguration="InternetServiceBinding" 
       name="Megatec.MasterTourService.Contracts.IAuthServiceAnonymous" 
       contract="Megatec.MasterTourService.Contracts.IAuthService"> 
    </endpoint> 
    </service> 

但是，該服務時，我嘗試訪問該服務B使用WCFTestClient Y，它拋出以下異常

There was no endpoint listening at http://localhost/IISTest/AuthService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. The remote server returned an error: (404) Not Found. 

HTTP GET Error URI: http://localhost/IISTest/AuthService.svc The document at the url http://localhost/IISTest/AuthService.svc was not recognized as a known document type.The error message from each known type may help you fix the problem: 
- Report from 'XML Schema' is 'The document format is not recognized (the content type is 'text/html; charset=UTF-8').'. 
- Report from 'DISCO Document' is 'There was an error downloading 'https://dev4-10.megatec.ru/IISTest/AuthService.svc?disco'.'. 
- The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. 
- The remote certificate is invalid according to the validation procedure. 
- Report from 'http://localhost/IISTest/AuthService.svc' is 'The document format is not recognized (the content type is 'text/html; charset=UTF-8').'. 
- Report from 'WSDL Document' is 'The document format is not recognized (the content type is 'text/html; charset=UTF-8').'. 

有什麼不好？

Answer 1

客戶端打的網址是：

的 「http：//本地主機/ IISTest/AuthService」

應該

「https：//開頭本地主機/ IISTest/AuthService」