2014-04-21 102 views
1

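WCF 2-way SSL not working

I am new to WCF. I created a self-hosted WCF server for a client, which is a Java REST client. Communication between the client and the server should be mutually authenticated with SSL certificates on both ends, so the client needs to send its certificate during communication. The client certificate needs custom validation on the server. I think one-way communication works fine, but the server is unable to validate the client certificate. In fact, the custom validator code is never executed.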

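In the server's traces I see "Configuration evaluation context not found" twice, and I think there is some problem with the configuration file.

My configuration file is as follows: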

<configuration> 
    <system.diagnostics> 
    <sources> 
     <source name="System.ServiceModel" 
       switchValue="All, ActivityTracing" 
       propagateActivity="true"> 
     <listeners> 
      <add name="xml" /> 
     </listeners> 
     </source> 
    </sources> 
    <sharedListeners> 
     <add name="xml" type="System.Diagnostics.XmlWriterTraceListener" initializeData="C:\log\Traces.svclog" /> 
    </sharedListeners> 
    <trace autoflush="true"/> 
    </system.diagnostics> 
    <system.serviceModel> 
    <bindings> 
     <customBinding> 
     <binding name="mybinding"> 
      <transactionFlow /> 
      <textMessageEncoding /> 
      <httpsTransport requireClientCertificate="true" /> 
      <security authenticationMode="MutualSslNegotiated"/> 
     </binding> 
     </customBinding> 
    </bindings> 
    <behaviors> 
     <serviceBehaviors> 
     <behavior name="behaviour"> 
      <serviceMetadata httpsGetEnabled="True"/> 
      <serviceDebug includeExceptionDetailInFaults="true" /> 
      <serviceCredentials> 
      <clientCertificate> 
       <authentication certificateValidationMode="Custom" customCertificateValidatorType="myproject.MyX509CertificateValidator,myproject"/> 
      </clientCertificate> 
      </serviceCredentials> 
     </behavior> 
     </serviceBehaviors> 
    </behaviors> 
    <services> 
     <service name="myHost" behaviorConfiguration="behaviour"> 
     <endpoint address="" contract="IIWCFServer" binding="customBinding" bindingConfiguration="mybinding" /> 
     <endpoint address="mex" contract="IMetadataExchange" binding="mexHttpsBinding"/> 
     </service> 
    </services> 
    <diagnostics> 
     <messageLogging logEntireMessage="true" 
         logMessagesAtServiceLevel="true" 
         logMessagesAtTransportLevel="true" 
         logMalformedMessages="true" 
         maxMessagesToLog="5000" 
         maxSizeOfMessageToLog="2000"> 
     </messageLogging> 
    </diagnostics> 
    </system.serviceModel> 
</configuration> 

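I have gone through 100s of articles but could not find a solution. Any suggestions would be helpful.

The details of the exception from the XML are below. Please let me know if I can get the error information from somewhere else.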

<E2ETraceEvent xmlns="http://schemas.microsoft.com/2004/06/E2ETraceEvent"> 
<System xmlns="http://schemas.microsoft.com/2004/06/windows/eventlog/system"> 
<EventID>524312</EventID> 
<Type>3</Type> 
<SubType Name="Warning">0</SubType> 
<Level>4</Level> 
<TimeCreated SystemTime="2014-04-21T09:09:53.2168282Z" /> 
<Source Name="System.ServiceModel" /> 
<Correlation ActivityID="{28fb55cc-1d5f-4a5a-a76e-5939a733b8f1}" /> 
<Execution ProcessName="testServer.vshost" ProcessID="2368" ThreadID="9" /> 
<Channel /> 
<Computer>WGP-PRINT-145</Computer> 
</System> 
<ApplicationData> 
<TraceData> 
<DataItem> 
<TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Warning"> 
<TraceIdentifier>http://msdn.microsoft.com/en-IN/library/System.ServiceModel.EvaluationContextNotFound.aspx</TraceIdentifier> 
<Description>Configuration evaluation context not found.</Description> 
<AppDomain>testServer.vshost.exe</AppDomain> 
</TraceRecord> 
</DataItem> 
</TraceData> 
</ApplicationData> 
</E2ETraceEvent> 
+0

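Can you include the details of the exception? See [Configuration evaluation context not found](http://stackoverflow.com/questions/3636341/configuration-evaluation-context-not-found-warning-on-wcf-trace). Did you try giving the endpoint address in the configuration (since the mex endpoint needs a host base address)? Any reason for using authenticationMode="MutualSslNegotiated" instead of authenticationMode="MutualCertificate"? – dera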

+0

Thanks for the reply. Actually, I am not very clear about the difference between authenticationMode="MutualCertificate/MutualCertificateDuplex/MutualSslNegotiated". I tried the other options but got the same result. – Utkarsh

+0

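How are you calling the WCF service? How do you add the certificate on the client side? Can you specify the client binding, configuration, etc.? You can use a tool such as Fiddler or SoapUI to actually see the calls to your service – dera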

Answer

0

The code that worked for me is as follows:

using System;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;
using System.ServiceModel.Web;

int port = 443; // numeric port; String.Format converts it when building the URL
String certificateSubject = "Mymachine";
String urlString = String.Format("https://{0}:{1}/", System.Net.Dns.GetHostEntry("").HostName, port);
Uri httpUrl = new Uri(urlString);
ServiceHost host = new WebServiceHost(typeof(mynamespace.myclass), httpUrl);

// REST binding over HTTPS that requires a client certificate at the transport level
WebHttpBinding wsBinding = new WebHttpBinding();
wsBinding.Security.Mode = WebHttpSecurityMode.Transport;
wsBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;

// Server certificate, looked up by subject name in LocalMachine\My
host.Credentials.ServiceCertificate.SetCertificate(
    StoreLocation.LocalMachine,
    StoreName.My,
    X509FindType.FindBySubjectName,
    certificateSubject);

// Hand client certificate validation to the custom validator
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.Custom;
host.Credentials.ClientCertificate.Authentication.CustomCertificateValidator = new MyX509CertificateValidator();

host.AddServiceEndpoint(typeof(myinterface), wsBinding, httpUrl);
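
The answer instantiates `MyX509CertificateValidator` but does not show it. The following is an added example of one possible implementation, not the answerer's code: the allow-list, its placeholder thumbprint, and the choice of checks (chain build with online revocation, then thumbprint pinning) are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;

// Added example. The class name matches the one the answer instantiates;
// the checks below are assumptions about what the service should enforce.
public class MyX509CertificateValidator : X509CertificateValidator
{
    // Placeholder value, not a real certificate: list the thumbprints of the
    // client certificates this service is willing to accept.
    private static readonly HashSet<string> AllowedThumbprints =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase)
        {
            "0000000000000000000000000000000000000000"
        };

    public override void Validate(X509Certificate2 certificate)
    {
        if (certificate == null)
            throw new ArgumentNullException("certificate");

        // Build the chain to a trusted root; this also covers expiry.
        // Online revocation fails closed if the CRL/OCSP endpoint is unreachable.
        X509Chain chain = new X509Chain();
        chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
        chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
        if (!chain.Build(certificate))
        {
            string reason = chain.ChainStatus.Length > 0
                ? chain.ChainStatus[0].StatusInformation.Trim()
                : "unknown chain error";
            throw new SecurityTokenValidationException(
                "Client certificate chain rejected: " + reason);
        }

        // Pin to known clients: a valid chain alone would admit any
        // certificate issued by any CA the machine trusts.
        if (!AllowedThumbprints.Contains(certificate.Thumbprint))
            throw new SecurityTokenValidationException(
                "Client certificate is not on the allow-list: " + certificate.Subject);
    }
}
```

Throwing from `Validate` is what rejects the caller; returning normally accepts the certificate.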