2010-12-14 81 views

Answers

9

Assuming you are using a duplex channel, you can load the certificate from a file as follows:

using System;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;

// Load the certificate file together with its private key
// (verbatim string, so the backslash is not treated as an escape)
var certificate = new X509Certificate2(@"c:\certificate.pfx", "password");

// Configure your server to use the certificate, for example:
var host = new ServiceHost(typeof(YourService),
         new Uri("Your service's uri"));
host.Credentials.ServiceCertificate.Certificate = certificate;

// Configure your server to accept the client's certificate; accept all
// certificates in this case, or you can assign it to the public key file
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode
          = X509CertificateValidationMode.None;

In your client code, load the certificate the same way as above.

// Configure your client to use the certificate
// (clientCertificate is the X509Certificate2 loaded as shown above)
var channelFactory = new ChannelFactory<IYourService>();
channelFactory.Credentials.ClientCertificate.Certificate =
              clientCertificate;

// Configure your client to accept the server's certificate;
// again, for simplicity, just accept any server certificate
channelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode
          = X509CertificateValidationMode.None;

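I think you should be fine. Remember that if you load from a file, you must load the .pfx file generated by pvk2pfx.exe, which contains both the private key and the public key. Otherwise WCF will be confused about where to look for the private key.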

+1

Nice. It is worth pointing out that the security mode must be "Transport" and the transport clientCredentialType must be "Certificate". – Anders 2015-12-10 15:50:18

Related questions