我目前正在使用wcf服务器,并且希望从文件/资源(而不是证书存储区)加载我的证书以使部署更容易。任何想法如何做到这一点?selfhosting wcf服务器 - 从文件加载证书而不是证书存储区
感谢您的帮助!
我目前正在使用wcf服务器,并且希望从文件/资源(而不是证书存储区)加载我的证书以使部署更容易。任何想法如何做到这一点?selfhosting wcf服务器 - 从文件加载证书而不是证书存储区
感谢您的帮助!
假设你正在使用双工信道,你可以从文件加载证书如下:
//Load certificate file with private key
var certificate = new X509Certificate2("c:\certificate.pfx", "password");
//Configure your server by to use certificate, for example:
var host = new ServiceHost(typeof(YourService),
new Uri("Your service's uri"));
host.Credentials.ServiceCertificate.Certificate = certificate;
//configure your server to accept client's certificate , accept all
//certificate in this case, or you can assign it to the public key file
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode
= X509CertificateValidationMode.None;
在您的客户端的代码,加载证书与上面相同
//configure your client to use certificate
var channelFactory = new ChannelFactory<IYourService>();
channelFactory.Credentials.ClientCertificate.Certificate =
clientCertificate;
//configure your client to accept server's certificate,
//again, for simplicity, just accept any server's certificate
channelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode
= X509CertificateValidationMode.None;
我觉得你应该没问题。请记住,如果从文件加载,则必须加载由pvk2pfx.exe生成的.pfx文件,它具有私钥和公钥。否则WCF会混淆到在哪里查找私钥。
下面的SO问题有详细的代码示例介绍了如何执行此操作,但是这可能无法在证书受密码保护的情况下运行。
不错。值得指出的是,安全模式必须是“传输”,并且传输clientCredentialType必须是“证书”。 – Anders 2015-12-10 15:50:18