本文介绍了使用WCF实施UserNameForCertificate安全性的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

在WCF服务中实现UserNameForCertificate Security后,

after implementing UserNameForCertificate Security in WCF service,

当我浏览到svc文件时,出现以下错误:

when i browse to the svc file i am getting the  following error:

描述:在执行当前Web请求期间发生未处理的异常.请查看堆栈跟踪,以获取有关错误及其在代码中起源的更多信息.

异常详细信息: System.Security.Cryptography.CryptographicException:密钥集不存在

可以帮助任何人解决此问题.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Security.Cryptography.CryptographicException: Keyset does not exist

 can any one help in solving  this issue.

我的web.config文件如下

my web.config file is as follows

< system.serviceModel>
<服务>
<服务名称="WCFServiceLibrary11.Service"; behaviorConfiguration =" ServiceBehaviorUserName"<!> ;!-此终结点在主机提供的基地址处公开-< endpoint address =""""" customBinding" contract ="WCFServiceLibrary11.IService"; bindingConfiguration ="UserNameForCertificateBinding"; />

</service>
</services>

< bindings>
< customBinding>
< binding name =" UserNameForCertificateBinding">
< textMessageEncoding messageVersion =" Soap12" writeEncoding ="utf-8">
maxBytesPerRead ="4096" maxNameTableCharCount ="999999999" />
</textMessageEncoding>
< security authenticationMode =" UserNameForCertificate"
messageProtectionOrder ="SignBeforeEncrypt"
requireDerivedKeys ="true"; includeTimestamp ="true". messageSecurityVersion =" WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"</bindings>

 <system.serviceModel>
  <services>
   <service name="WCFServiceLibrary11.Service"  behaviorConfiguration="ServiceBehaviorUserName">
   <!-- This endpoint is exposed at the base address provided by host-->
    <endpoint address=""
        binding="customBinding" contract="WCFServiceLibrary11.IService" bindingConfiguration="UserNameForCertificateBinding" />
    
    <endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
   </service>
  </services>
  
  <bindings>
   <customBinding>
    <binding name="UserNameForCertificateBinding">
     <textMessageEncoding messageVersion="Soap12" writeEncoding="utf-8">
      <readerQuotas maxDepth="32" maxStringContentLength="999999999" maxArrayLength="999999999"
         maxBytesPerRead="4096" maxNameTableCharCount="999999999" />
     </textMessageEncoding>
     <security authenticationMode="UserNameForCertificate"  
         messageProtectionOrder="SignBeforeEncrypt"
         requireDerivedKeys="true"  includeTimestamp="true" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
     </security>
     <httpTransport authenticationScheme="Anonymous"/>
    </binding>
   </customBinding>
  </bindings>

< behaviors>
< serviceBehaviors>
< behavior name =" ServiceBehaviors"<>< serviceMetadata httpGetEnabled =" true" />
</behavior>
< behavior name =" ServiceBehaviorUserName" ;; >
.< serviceMetadata httpGetEnabled ="true"; />
< serviceCredentials>
< userNameAuthentication userNamePasswordValidationMode ="Custom" customUserNamePasswordValidatorType ="WCFServiceLibrary11.CustomUserNameValidator,WCFServiceLibrary11" />
.< serviceCertificate storeLocation ="LocalMachine"; storeName =我的" findValue ="CN = ServiceCertficate" x509FindType =''FindBySubjectDistinguishedName''/<//serviceCredentials<</behavior<</serviceBehaviors><<<</&behaviors. ;

  <behaviors>
   <serviceBehaviors>
    <behavior name="ServiceBehaviors">
     <serviceMetadata httpGetEnabled="true" />
    </behavior>
    <behavior name="ServiceBehaviorUserName" >
     <serviceMetadata httpGetEnabled="true" />
     <serviceCredentials>
      <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="WCFServiceLibrary11.CustomUserNameValidator,WCFServiceLibrary11" />
      <serviceCertificate storeLocation="LocalMachine" storeName="My" findValue="CN=ServiceCertficate" x509FindType="FindBySubjectDistinguishedName"/>
     </serviceCredentials>
    </behavior>
   </serviceBehaviors>
  </behaviors>
 </system.serviceModel>

推荐答案

您可以使用FindPrivateKey.exe [1]工具或类似工具[2]

You can use the FindPrivateKey.exe [1] tool or the like [2]

[1]

[2]

http://www.leastprivilege.com/HowToGetToThePrivateKeyFileFromACertificate.aspx

hth,Allan

hth, Allan


这篇关于使用WCF实施UserNameForCertificate安全性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-23 17:27