c# – WCF HTTPS SSL自托管证书.如何正确工作?
发布时间:2020-12-15 05:36:45 所属栏目:百科 来源:网络整理
导读:我正在努力使用WCF和在IIS中注册的自签名证书将Silverlight应用程序从HTTP转换为HTTPS. 我在Visual Studio 2010命令提示符中进行的调用: makecert -sv SignRoot.pvk -cy authority -r signroot.cer -a sha1 -n "CN=Dev Certification Authority" -ss my -sr
|
我正在努力使用WCF和在IIS中注册的自签名证书将Silverlight应用程序从HTTP转换为HTTPS.
我在Visual Studio 2010命令提示符中进行的调用: makecert -sv SignRoot.pvk -cy authority -r signroot.cer -a
sha1 -n "CN=Dev Certification Authority" -ss my -sr localmachine
makecert -iv SignRoot.pvk -ic signroot.cer -cy end -pe -n
CN="localhost" -eku 1.3.6.1.5.5.7.3.1 -ss my -sr
localmachine -sky exchange -sp
"Microsoft RSA SChannel Cryptographic Provider" -sy 12
我将此作为终点(这是Fiddler中仍然不是HTTP的调用) <!-- Address that the Silverlight clients will connect to --> <!-- as specified in their web.config --> <add key="gatewayListeningHttpURI" value="http://localhost:10201/" /> 当前服务器配置: <!-- set up binding for duplex service -->
<bindings>
<customBinding>
<binding name="customDuplexBinding">
<pollingDuplex duplexMode="MultipleMessagesPerPoll"
maxOutputDelay="00:00:01"
serverPollTimeout="00:01:00"
inactivityTimeout="02:00:00"
maxPendingMessagesPerSession="2147483647"
maxPendingSessions="2147483647" />
<binaryMessageEncoding>
<readerQuotas
maxDepth="2147483647"
maxStringContentLength="2147483647"
maxArrayLength="2147483647"
maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
</binaryMessageEncoding>
<httpTransport
maxBufferSize="2147483647"
maxReceivedMessageSize="2147483647"
transferMode="StreamedResponse"
/>
</binding>
</customBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<!-- For Policy Service -->
<behavior name="webHttpEndpointBehavior">
<webHttp />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="sb">
<!-- To avoid disclosing metadata information,set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes,set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
<!-- This will solve a bug that happens if too many items are sent at once from the gateway to the client -->
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
<serviceThrottling
maxConcurrentCalls="200"
maxConcurrentSessions="200"
maxConcurrentInstances="200" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="ME.Streets.WebGateway.DuplexService.DuplexService"
behaviorConfiguration="sb">
<endpoint
address="basic"
binding="customBinding"
bindingConfiguration="customDuplexBinding"
contract="ME.Streets.WebGateway.DuplexService.Interface.IDuplexServiceContract">
</endpoint>
<endpoint
address=""
binding="webHttpBinding"
behaviorConfiguration="webHttpEndpointBehavior"
contract="ME.Streets.WebGateway.DuplexService.Interface.IPolicyRetriever"/>
<endpoint
address="mex"
binding="mexHttpBinding"
contract="IMetadataExchange"/>
</service>
</services>
当前客户端配置: private DuplexServiceContractClient CreateDuplexServiceClient(EndpointAddress endPoint)
{
PollingDuplexBindingElement pollingDuplexBindingElement = new PollingDuplexBindingElement();
pollingDuplexBindingElement.DuplexMode = PollingDuplexMode.MultipleMessagesPerPoll;
#if DEBUG
pollingDuplexBindingElement.ClientPollTimeout = TimeSpan.FromMinutes(15);
pollingDuplexBindingElement.InactivityTimeout = TimeSpan.FromMinutes(14);
#else
pollingDuplexBindingElement.ClientPollTimeout = TimeSpan.FromMinutes(60);
pollingDuplexBindingElement.InactivityTimeout = TimeSpan.FromMinutes(60);
#endif
HttpsTransportBindingElement httpsTransportBindingElement = new HttpsTransportBindingElement();
httpsTransportBindingElement.MaxBufferSize = int.MaxValue;
httpsTransportBindingElement.MaxReceivedMessageSize = int.MaxValue;
httpsTransportBindingElement.TransferMode = TransferMode.StreamedResponse;
CustomBinding binding = new CustomBinding(
pollingDuplexBindingElement,new BinaryMessageEncodingBindingElement(),httpsTransportBindingElement);
var dscc = new DuplexServiceContractClient(binding,endPoint);
dscc.InnerChannel.OperationTimeout = TimeSpan.FromMinutes(5);
#if DEBUG
dscc.InnerChannel.OperationTimeout = TimeSpan.FromMinutes(15);
#endif
return dscc;
}
我已经将我的silverlight应用程序部署到IIS中并添加了HTTPS协议,以便我可以通过在Web地址前添加HTTPS来实现它. 当我登录https网站(https:// localhost / FleetNew)时问题仍然存在,我仍然收到“显示MIxed内容”的错误 当我在fidler中观看时,调用localhost:10201这是不安全的http调用. 我的netsh http show sslcert命令给我带来了这个: IP:port : 0.0.0.0:10201
Certificate Hash : 0fb891e03c857d1c50b63163e5a0b999ed757ea1
Application ID : {3d5900ae-111a-45be-96b3-d9e4606ca793}
Certificate Store Name : (null)
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
IP:port : 0.0.0.0:443
Certificate Hash : 0fb891e03c857d1c50b63163e5a0b999ed757ea1
Application ID : {4dc3e181-e14b-4a21-b022-59fc669b0914}
Certificate Store Name : MY
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
请帮我正确配置,以便对locahost:20102的调用将适用于ssl和HTTPS 解决方法
我可以告诉您,缺少使用SSL托管WCF自托管服务所需的几个HTTPS元数据端点和行为配置.做你需要的主要步骤如下:
>创建自签名证书(用于测试目的),其中包含端点URL域名的匹配公用名值(最好使用您的计算机名称) 这是一个相当漫长的过程,所以我没有尝试记录这里的每一步,而是有一篇博文,详细介绍了使用SSL获取WCF自托管服务所需的内容.这应该可以帮助您查看可以应用于项目的有效解决方案: Applying and Using a SSL Certificate With A Self-Hosted WCF Service (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |