使用自签名证书使用WCF服务
当我执行消费应用程序时,它会给我以下异常: 无法激活请求的服务 当我尝试进入chrome时,它会说: URI的注册已存在 我不知道如何摆脱这些例外,到目前为止,我已经通过了很多论坛 服务器端app.config使用自签名证书使用WCF服务,wcf,self-signed,Wcf,Self Signed,当我执行消费应用程序时,它会给我以下异常: 无法激活请求的服务 当我尝试进入chrome时,它会说: URI的注册已存在 我不知道如何摆脱这些例外,到目前为止,我已经通过了很多论坛 服务器端app.config <system.web> <compilation debug="true" /> <membership defaultProvider="ClientAuthenticationMembershipProvider"> <provider
<system.web>
<compilation debug="true" />
<membership defaultProvider="ClientAuthenticationMembershipProvider">
<providers>
<add name="ClientAuthenticationMembershipProvider" type="System.Web.ClientServices.Providers.ClientFormsAuthenticationMembershipProvider, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" serviceUri="" />
</providers>
</membership>
<roleManager defaultProvider="ClientRoleProvider" enabled="true">
<providers>
<add name="ClientRoleProvider" type="System.Web.ClientServices.Providers.ClientRoleProvider, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" serviceUri="" cacheTimeout="86400" />
</providers>
</roleManager>
</system.web>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsHttpEndpointBinding">
<security mode="Transport">
<transport clientCredentialType="Certificate" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="behaviourHttps" name="HistoricStatementsWS.HistoricStatements">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsHttpEndpointBinding"
name="wsHttpEndpoint" contract="HistoricStatementsWS.IHistoricStatements" />
<endpoint address="HistoricStatementsWS.HistoricStatements.svc"
binding="wsHttpBinding" bindingConfiguration="wsHttpEndpointBinding"
name="mexEndpoint" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="https://localhost:53996/" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="behaviourHttps">
<useRequestHeadersForMetadataAddress />
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"
httpsGetUrl="https://localhost:53996/HistoricStatementsWS.HistoricStatements.svc"
policyVersion="Policy15" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
客户端网络配置
<configuration>
<configSections>
</configSections>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
<system.webServer>
<directoryBrowse enabled="true" showFlags="Date,Time,Extension,Size" />
</system.webServer>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsHttpEndpoint">
<security mode="Transport">
<transport clientCredentialType="Certificate" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint behaviorConfiguration="endpointBehavior" address="https://localhost:53996/HistoricStatementsWS.HistoricStatements.svc" binding="wsHttpBinding"
bindingConfiguration="wsHttpEndpoint" contract="IHistoricStatements.IHistoricStatements"
name="wsHttpEndpoint" />
</client>
<behaviors>
<endpointBehaviors>
<behavior name="endpointBehavior">
<clientCredentials>
<clientCertificate storeLocation="LocalMachine" storeName="My" findValue="00B192126A72D282D2" x509FindType="FindBySerialNumber"/>
<serviceCertificate>
<authentication certificateValidationMode="None" revocationMode="NoCheck" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
对于有相同问题的人,我通过将ip 127.0.0.1指向我的完整域名computername.intra.local来解决问题。我将服务器web配置中的localhost更改为我的域名computername.intra.local,并从httpsGetUrl中删除了域前缀,因为baseAddress也用于此值,所以被复制。尽管仍然存在重复的值,并且配置仍然不准确,但至少可以从浏览器访问wsdl。my local上的浏览器请求证书并成功进行身份验证 然而,我仍然缺乏从同一网络上的不同机器访问同一url的诀窍。我在本地计算机上安装了根证书和客户端证书,但仍然出现以下错误:“客户端身份验证方案“匿名”禁止HTTP请求”。我在本地客户端遇到此错误,但通过编程调用证书解决了此问题。新机器上的相同代码不起作用 代码是:
WSHttpBinding httpBinding = new WSHttpBinding(SecurityMode.Transport);
httpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
httpBinding.Security.Message.NegotiateServiceCredential = false;
httpBinding.Security.Message.EstablishSecurityContext = false;
var httpUri = new Uri("https://ws12.intra.local:53996/HistoricStatementsWS.Historicstatements.svc");
var httpEndpoint = new EndpointAddress(httpUri, EndpointIdentity.CreateDnsIdentity(""));
var newFactory = new ChannelFactory<IHistoricStatements>(httpBinding, httpEndpoint);
newFactory.Credentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindBySubjectName, "ws12.intra.local");
newFactory.Credentials.ServiceCertificate.SetDefaultCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubjectName, "ws12.intra.local");
我必须补充的是,没有使用任何代理,“匿名”在IIS中与用户IUSR切换,根文件夹对IUSR、IIS_IUSR、网络、网络服务具有完全权限。我首先希望从新机器上的浏览器连接,因为这会导致错误:
403-禁止:访问被拒绝。您没有查看的权限
此目录或页面使用您提供的凭据
非常感谢您的回复
贾斯汀