Warning: file_get_contents(/data/phpspider/zhask/data//catemap/7/wcf/4.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Wcf 未应用或使用ClientCredentials服务证书身份验证的配置_Wcf_.net Core_Wcf Security - Fatal编程技术网
Fatal编程技术网
  • wcf/
  • Wcf 未应用或使用ClientCredentials服务证书身份验证的配置

Wcf 未应用或使用ClientCredentials服务证书身份验证的配置

wcf .net-core

Wcf 未应用或使用ClientCredentials服务证书身份验证的配置,wcf,.net-core,wcf-security,Wcf,.net Core,Wcf Security,我正在构建一个.NET Core 3.1应用程序,尝试通过HTTPS调用WCF服务,并暂时禁用服务器证书的SSL身份验证 有一个明确记录的方法来实现这一点。也就是说,通过在ChannelFactory类上设置ServiceCertificate.SslCertificateAuthentication属性 下面是设置het绑定、端点和客户端凭据的代码 var endpointAddress = new EndpointAddress("https://*.com"); var binding =

我正在构建一个.NET Core 3.1应用程序,尝试通过HTTPS调用WCF服务,并暂时禁用服务器证书的SSL身份验证

有一个明确记录的方法来实现这一点。也就是说,通过在
ChannelFactory
类上设置
ServiceCertificate.SslCertificateAuthentication
属性

下面是设置het绑定、端点和客户端凭据的代码

var endpointAddress = new EndpointAddress("https://*.com");
var binding = new BasicHttpsBinding();

binding.Security.Mode = BasicHttpsSecurityMode.Transport;
binding.Security.Transport = new HttpTransportSecurity()
{
  ClientCredentialType = HttpClientCredentialType.None
};

var factory = new ChannelFactory<IService>(binding, endpointAddress);
factory.Credentials.ServiceCertificate.SslCertificateAuthentication = new X509ServiceCertificateAuthentication()
{
  CertificateValidationMode = X509CertificateValidationMode.None,
  RevocationMode = X509RevocationMode.NoCheck
};

factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
factory.Credentials.ServiceCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck;

var client = factory.CreateChannel();
client.Call();
正如您在这一点上所期望的,我收到了与以前相同的异常。更糟糕的是,我的CustomCertificate.Validate(..)方法根本没有被调用

WCF似乎提供了一个API,允许进行相当多的控制,但无论我尝试什么,我的策略/配置似乎都没有得到任何尊重

这里可能发生了什么?

在DotCore项目中需要SSL身份验证时,下面的代码将起作用

Uri uri = new Uri("https://vabqia969vm:21011");
            BasicHttpsBinding binding = new BasicHttpsBinding();
            binding.Security.Mode = BasicHttpsSecurityMode.Transport;
            binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
            ChannelFactory<IService> factory = new ChannelFactory<IService>(binding, new EndpointAddress(uri));

            factory.Credentials.ServiceCertificate.SslCertificateAuthentication = new System.ServiceModel.Security.X509ServiceCertificateAuthentication()
            {
                CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None,
                RevocationMode = System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck
            };

            //these two lines will not work.
            //factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;
            //factory.Credentials.ServiceCertificate.Authentication.RevocationMode = System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck;

            var client = factory.CreateChannel();
            var result = client.TestAsync();
            Console.WriteLine(result.Result);

Uri=新的Uri(“https://vabqia969vm:21011");
BasicHttpsBinding binding=新的BasicHttpsBinding();
binding.Security.Mode=basichtpssecuritymode.Transport;
binding.Security.Transport.ClientCredentialType=HttpClientCredentialType.None;
ChannelFactory=newchannelfactory(绑定,新端点地址(uri));
factory.Credentials.ServiceCertificateAuthentication=new System.ServiceModel.Security.X509ServiceCertificateAuthentication()
{
CertificateValidationMode=System.ServiceModel.Security.X509CertificateValidationMode.None,
RevocationMode=System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck
};
//这两条线不行。
//factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode=System.ServiceModel.Security.X509CertificateValidationMode.None;
//factory.Credentials.ServiceCertificate.Authentication.RevocationMode=System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck;
var client=factory.CreateChannel();
var result=client.TestAsync();
Console.WriteLine(result.result);
就我而言,它工作得很好。我认为服务器端有问题。如您所知,我们应该确保客户端和服务器端之间的绑定类型是一致的。服务器端的详细信息是什么

Uri uri = new Uri("https://vabqia969vm:21011");
            BasicHttpsBinding binding = new BasicHttpsBinding();
            binding.Security.Mode = BasicHttpsSecurityMode.Transport;
            binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
            ChannelFactory<IService> factory = new ChannelFactory<IService>(binding, new EndpointAddress(uri));

            factory.Credentials.ServiceCertificate.SslCertificateAuthentication = new System.ServiceModel.Security.X509ServiceCertificateAuthentication()
            {
                CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None,
                RevocationMode = System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck
            };

            //these two lines will not work.
            //factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;
            //factory.Credentials.ServiceCertificate.Authentication.RevocationMode = System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck;

            var client = factory.CreateChannel();
            var result = client.TestAsync();
            Console.WriteLine(result.Result);