问题描述

我有WCF服务，在一个ServiceHost内的不同端点使用BasicHttpBinding和NetTcpBinding。 NetTcp正在使用从文件加载的自签名证书，所有都很好，我试图实际使用BasicHttpBinding，所以我做：

I have WCF service, using both BasicHttpBinding and NetTcpBinding at different endpoints within one ServiceHost. NetTcp is using a self signed certificate, which is loaded from file, all were well untill I try to actually make use of the BasicHttpBinding, so I do:

在服务器上：

var ServiceHost host = new ServiceHost(blah blah);
host.Credentials.ServiceCertificate.Certificate = GetCertificate(); //load a certificate from file
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
var httpBinding = new BasicHttpBinding();
httpBinding.Security.Mode = BasicHttpSecurityMode.Transport;
httpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;

在客户端：

ChannelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
var cer = GetCertificate();
ChannelFactory.Credentials.ClientCertificate.Certificate = cer;

var httpBinding = new BasicHttpBinding();
httpBinding.Security.Mode = BasicHttpSecurityMode.Transport;
httpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
//accept any cert
System.Net.ServicePointManager.ServerCertificateValidationCallback =
                ((sender, certificate, chain, sslPolicyErrors) => true);

但是当连接时，我收到此错误

However when connects, I got this error

异常 -
向HTTP请求发送
时出错。这个
可能是由于
服务器证书没有在HTTPS
情况下使用HTTP.SYS正确配置
。这也可能是由客户端和服务器之间的安全绑定
的
不匹配引起的。

证书未安装，它与net tcp绑定工作正常，我想我必须错过一些小的？

certificate is not installed, and it worked fine with net tcp binding, I guess I must missed something small?

我注意到net.tcp是双工通道，而基本http是simplex，我相信有不同的设置？例如，我需要在net.tcp的两端加载证书，然后对基本http会发生什么？

One thing I notice is net.tcp is duplex channel while basic http is simplex, I am sure there is a difference to setup? For example, I needed to load certificate at both end for net.tcp, what happens to basic http then?

提前感谢

推荐答案

在WCF配置中未配置HTTPS的证书。您必须为http.sys配置证书。为此，请使用提升的权限从命令行使用。如果您在IIS / WAS中托管您的服务，则不必使用netsh，您可以。

Certificate for HTTPS is not configured in WCF configuration. You must configure certificate for http.sys. To do that use netsh.exe from command line with elevated privileges. If you are hosting your service in IIS/WAS you don't have to use netsh and you can configure HTTPS directly in IIS.

这篇关于BasicHttpBinding使用传输sercurity与自签名证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！