C# 客户端身份验证方案禁止HTTP请求';匿名';。3.
我正在使用wcf通过https实现相互握手,收到一个错误: “客户端身份验证方案“匿名”禁止HTTP请求。” 服务代码:C# 客户端身份验证方案禁止HTTP请求';匿名';。3.,c#,.net,wcf,C#,.net,Wcf,我正在使用wcf通过https实现相互握手,收到一个错误: “客户端身份验证方案“匿名”禁止HTTP请求。” 服务代码: var binding = new BasicHttpBinding() { Security = { Mode = BasicHttpSecurityMode.Transport, Transport = { ClientCrede
var binding = new BasicHttpBinding()
{
Security =
{
Mode = BasicHttpSecurityMode.Transport,
Transport = { ClientCredentialType = HttpClientCredentialType.Certificate },
},
};
var sh = new ServiceHost(typeof(EchoService), new Uri("https://localhost:9876"));
//sh.Description.Behaviors.Add(new ServiceMetadataBehavior());
//sh.AddServiceEndpoint(ServiceMetadataBehavior.MexContractName, MetadataExchangeBindings.CreateMexHttpsBinding(), "mex");
sh.AddServiceEndpoint(typeof(IEchoService), binding, "");
sh.Credentials.ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByThumbprint, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
sh.Open();
客户端代码:
var binding = new BasicHttpBinding()
{
Security =
{
Mode = BasicHttpSecurityMode.Transport,
Transport = { ClientCredentialType = HttpClientCredentialType.Certificate },
},
};
var sslClientFactory = new ChannelFactory<IEchoService>(binding, "https://localhost:9876");
sslClientFactory.Credentials.ClientCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByThumbprint, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
var sslClient = sslClientFactory.CreateChannel();
var response = sslClient.Echo("Https Echo");
var binding=new BasicHttpBinding()
{
保安=
{
Mode=BasicHttpSecurityMode.Transport,
传输={ClientCredentialType=HttpClientCredentialType.Certificate},
},
};
var sslClientFactory=newchannelfactory(绑定)https://localhost:9876");
sslClientFactory.Credentials.ClientCertificate.SetCertificate(StoreLocation.LocalMachine,StoreName.My,X509FindType.FindByThumbprint,“aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa;
var sslClient=sslClientFactory.CreateChannel();
var response=sslClient.Echo(“Https Echo”);
我已使用httpcfg将此证书分配给端口
如果我将绑定从BasicHttpBinding更改为NetTcpBinding,它就可以正常工作
如果我运行两个服务实例(在一个进程中),一个使用NetTcpBinding,另一个使用BasicHttpBinding,并从NetTCP客户端和https客户端使用它,这两个实例都可以正常工作(客户端使用相同的证书)
在什么情况下,如果我只运行我的https客户端,我会得到“客户端身份验证方案‘匿名’禁止HTTP请求”?我注意到,我有很多双重证书(两个相同的证书对-具有相同的拇指点)在存储中(我不知道我是如何将它们放在那里的),我认为这是一个问题。也许当存储中的证书加倍时,服务器只向客户端发送来自非加倍证书的发行者