C# 双向SSL的配置_C#_Wcf_Authentication_Iis_Certificate

C# 双向SSL的配置

c# wcf authentication iis certificate

C# 双向SSL的配置,c#,wcf,authentication,iis,certificate,C#,Wcf,Authentication,Iis,Certificate,我正在尝试配置双向SSL。我越来越 'Client certificate is required. No certificate was found in the request. This might be because the client certificate could not be successfully validated by the operating system or IIS. For information on how to bypass those val

我正在尝试配置双向SSL。我越来越

'Client certificate is required.  No certificate was found in the request.  This might be because the client certificate could not be successfully validated by the operating system or IIS.  For information on how to bypass those validations and use a custom X509CertificateValidator in WCF please see http://go.microsoft.com/fwlink/?LinkId=208540.'

在WCF跟踪日志中

在客户端应用程序上，我收到错误消息客户端身份验证方案“匿名”禁止HTTP请求

WCF托管在IIS中，并使用通配符证书“*.mySite.com”

My WCF web.config：

<serviceBehaviors>
        <behavior name="MySslServiceBehavior">

          <serviceMetadata httpsGetEnabled="true" />
          <dataContractSerializer maxItemsInObjectGraph="16777216" />
          <serviceDebug includeExceptionDetailInFaults="true" />

            <serviceCredentials>
            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="Wcfproject.Util.MyServiceAuthorizationManager, MyProjectName"/>
            <serviceCertificate findValue="*.mySite.com" 
                                x509FindType="FindBySubjectName"
                                storeLocation="LocalMachine" storeName="Root"
                                />
            <clientCertificate>
              <authentication certificateValidationMode="PeerTrust"/>
            </clientCertificate>            
          </serviceCredentials>

        </behavior>
</serviceBehaviors>
<bindings>
    <basicHttpBinding>          

            <binding name="2WaySecureBinding">
              <security mode="Transport">
                <transport clientCredentialType="Certificate"></transport>          
              </security>
            </binding>

    </basicHttpBinding>
</bindings>     

<services>

      <service behaviorConfiguration="MySslServiceBehavior" name="MyServiceName">             
        <!--2 way SSL-->
        <endpoint bindingNamespace="http://myNamespace/V1" binding="basicHttpBinding" bindingConfiguration="2WaySecureBinding" name="httpsBinding" contract="MyServiceName"/>   

      </service>
 </services>

我的客户端配置：

<client>
  <endpoint address="https://2wayWcfProject.mySite.com/MyServiceName.svc" binding="customBinding"
        bindingConfiguration="httpsBinding" contract="MyServiceReference.MyServiceName" behaviorConfiguration="CustomBehavior"
        name="httpsBinding" />
</client>

<behaviors>
  <endpointBehaviors>
    <behavior name="CustomBehavior">
        <clientCredentials>
          <clientCertificate findValue="*.ClientSite.com" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="Root" />
        </clientCredentials>
      </behavior>
  </endpointBehaviors>
</behaviors>


 <bindings>     
  <customBinding>
    <binding name="httpsBinding">
      <security defaultAlgorithmSuite="Default" authenticationMode="UserNameOverTransport"
          requireDerivedKeys="true" includeTimestamp="true" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
        <localClientSettings detectReplays="false" />
        <localServiceSettings detectReplays="false" />
      </security>
      <textMessageEncoding messageVersion="Soap11" />
      <httpsTransport />
    </binding>
  </customBinding>

</bindings>

我已将客户端站点证书“*.ClientSite.com”导出为.pfx，并将其添加/导入到服务器mmc.exe->本地计算机“个人”和“受信任的根证书颁发机构”中的受信任证书中。

您是否找到过此问题的答案？我也有同样的问题…我最终找到了解决办法。很抱歉，我无法帮助发布配置，因为在此期间我更改了作业，并且没有实现。