2015-08-19 55 views
0

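WCF SecurityNegotiationException when using certificate validation mode None

I created a certificate with Pluralsight Selfcert. When I use it in a WCF service, it throws a SecurityNegotiation exception. I searched for it and found a solution. I put certificateValidationMode="None" in the clientCertificate element of Web.config, but the problem was not solved. If I put this setting in the client app.config, the problem is solved. But I don't want to change my client configuration. Why doesn't this setting work on the server side? Is there any other way?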

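The X.509 certificate CN=QtasCert chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.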

<services>
    <service name="ArchiveBoundedContext.WcfService.WcfServices.ArchiveWcfService">
        <endpoint address="" binding="netTcpBinding" bindingConfiguration="QTasBinding" name="QTasEndpoint" contract="ArchiveBoundedContext.WcfService.WcfServices.IArchiveWcfService" />
        <endpoint address="mex" binding="mexTcpBinding" name="QTasMex" contract="IMetadataExchange" />
        <host>
            <baseAddresses>
                <add baseAddress="net.tcp://localhost:808/WcfServices/" />
            </baseAddresses>
        </host>
    </service>
</services>
<behaviors>
    <serviceBehaviors>
        <behavior>
            <serviceSecurityAudit auditLogLocation="Application" serviceAuthorizationAuditLevel="SuccessOrFailure" messageAuthenticationAuditLevel="SuccessOrFailure" suppressAuditFailure="true" />
            <serviceCredentials>
                <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="ArchiveBoundedContext.WcfService.ServiceAuthenticator, ArchiveBoundedContext.WcfService" />
                <serviceCertificate findValue="QtasCert" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
                <clientCertificate>
                    <authentication certificateValidationMode="None" revocationMode="NoCheck" />
                </clientCertificate>
            </serviceCredentials>
            <serviceAuthorization principalPermissionMode="UseAspNetRoles" />
            <serviceMetadata httpGetEnabled="false" />
            <serviceDebug includeExceptionDetailInFaults="true" />
        </behavior>
    </serviceBehaviors>
</behaviors>
+0

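Maybe the reason it doesn't work on the server side is that this particular validation happens on the client side :) You can import the certificate into the trusted root store on the client machine to eliminate this error.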

Answers

0

I installed the certificate on the client and the problem was solved.

using System;
using System.Security.Cryptography.X509Certificates;

class Program
{
    static void Main(string[] args)
    {
        Console.WriteLine(@"Certificate Installer v1.0");

        // Certificates.QTasCert is the project's embedded resource holding the certificate bytes.
        var certificate = new X509Certificate2(Certificates.QTasCert, "*****");

        // Trusted Root Certification Authorities store of the local machine.
        var rootStore = new X509Store(StoreName.Root, StoreLocation.LocalMachine);
        rootStore.Open(OpenFlags.ReadWrite);
        rootStore.Add(certificate);
        rootStore.Close();

        // Personal ("My") store of the local machine.
        var myStore = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        myStore.Open(OpenFlags.ReadWrite);
        myStore.Add(certificate);
        myStore.Close();

        Console.WriteLine(@"Certificate Installed Successfully");
        Console.ReadKey();
    }
}
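
A variant of the installer above, as an added example that is not part of the original answer: it places only the public certificate in the client's trusted root store, so the service's private key never has to leave the server. The class name `PublicCertInstaller` and the command-line argument (path to a `.cer` file exported from the server) are assumptions.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;

static class PublicCertInstaller // hypothetical name, not from the answer
{
    // Returns a copy of the certificate that carries no private key:
    // X509ContentType.Cert exports only the DER-encoded public certificate.
    static X509Certificate2 PublicOnly(X509Certificate2 source)
    {
        return new X509Certificate2(source.Export(X509ContentType.Cert));
    }

    // Adds the certificate to the store unless the same thumbprint is already there.
    static bool AddIfMissing(StoreName name, StoreLocation location, X509Certificate2 cert)
    {
        var store = new X509Store(name, location);
        store.Open(OpenFlags.ReadWrite);
        try
        {
            var found = store.Certificates.Find(
                X509FindType.FindByThumbprint, cert.Thumbprint, false);
            if (found.Count > 0) return false;
            store.Add(cert);
            return true;
        }
        finally
        {
            store.Close();
        }
    }

    static int Main(string[] args)
    {
        if (args.Length != 1)
        {
            Console.Error.WriteLine("usage: PublicCertInstaller <path to .cer file>");
            return 1;
        }

        // Assumption: args[0] is the service certificate exported without its key.
        var publicCert = PublicOnly(new X509Certificate2(args[0]));

        // A self-signed certificate is its own root, so chain building on the
        // client succeeds once it is in the trusted root store.
        bool added = AddIfMissing(StoreName.Root, StoreLocation.LocalMachine, publicCert);
        Console.WriteLine("{0}: {1} ({2})", added ? "Installed" : "Already present",
            publicCert.Subject, publicCert.Thumbprint);
        return 0;
    }
}
```

Writing to the LocalMachine store requires an elevated process.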