问题描述
在WCF服务中实现UserNameForCertificate Security后,
after implementing UserNameForCertificate Security in WCF service,
当我浏览到svc文件时,出现以下错误:
when i browse to the svc file i am getting the following error:
描述:在执行当前Web请求期间发生未处理的异常.请查看堆栈跟踪,以获取有关错误及其在代码中起源的更多信息.
异常详细信息: System.Security.Cryptography.CryptographicException:密钥集不存在
可以帮助任何人解决此问题.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Security.Cryptography.CryptographicException: Keyset does not exist
can any one help in solving this issue.
我的web.config文件如下
my web.config file is as follows
< system.serviceModel>
<服务>
<服务名称="WCFServiceLibrary11.Service"; behaviorConfiguration =" ServiceBehaviorUserName"<!> ;!-此终结点在主机提供的基地址处公开-< endpoint address =""""" customBinding" contract ="WCFServiceLibrary11.IService"; bindingConfiguration ="UserNameForCertificateBinding"; />
</service>
</services>
< bindings>
< customBinding>
< binding name =" UserNameForCertificateBinding">
< textMessageEncoding messageVersion =" Soap12" writeEncoding ="utf-8">
maxBytesPerRead ="4096" maxNameTableCharCount ="999999999" />
</textMessageEncoding>
< security authenticationMode =" UserNameForCertificate"
messageProtectionOrder ="SignBeforeEncrypt"
requireDerivedKeys ="true"; includeTimestamp ="true". messageSecurityVersion =" WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"</bindings>
<system.serviceModel>
<services>
<service name="WCFServiceLibrary11.Service" behaviorConfiguration="ServiceBehaviorUserName">
<!-- This endpoint is exposed at the base address provided by host-->
<endpoint address=""
binding="customBinding" contract="WCFServiceLibrary11.IService" bindingConfiguration="UserNameForCertificateBinding" />
<endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
</service>
</services>
<bindings>
<customBinding>
<binding name="UserNameForCertificateBinding">
<textMessageEncoding messageVersion="Soap12" writeEncoding="utf-8">
<readerQuotas maxDepth="32" maxStringContentLength="999999999" maxArrayLength="999999999"
maxBytesPerRead="4096" maxNameTableCharCount="999999999" />
</textMessageEncoding>
<security authenticationMode="UserNameForCertificate"
messageProtectionOrder="SignBeforeEncrypt"
requireDerivedKeys="true" includeTimestamp="true" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
</security>
<httpTransport authenticationScheme="Anonymous"/>
</binding>
</customBinding>
</bindings>
< behaviors>
< serviceBehaviors>
< behavior name =" ServiceBehaviors"<>< serviceMetadata httpGetEnabled =" true" />
</behavior>
< behavior name =" ServiceBehaviorUserName" ;; >
.< serviceMetadata httpGetEnabled ="true"; />
< serviceCredentials>
< userNameAuthentication userNamePasswordValidationMode ="Custom" customUserNamePasswordValidatorType ="WCFServiceLibrary11.CustomUserNameValidator,WCFServiceLibrary11" />
.< serviceCertificate storeLocation ="LocalMachine"; storeName =我的" findValue ="CN = ServiceCertficate" x509FindType =''FindBySubjectDistinguishedName''/<//serviceCredentials<</behavior<</serviceBehaviors><<<</&behaviors. ;
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehaviors">
<serviceMetadata httpGetEnabled="true" />
</behavior>
<behavior name="ServiceBehaviorUserName" >
<serviceMetadata httpGetEnabled="true" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="WCFServiceLibrary11.CustomUserNameValidator,WCFServiceLibrary11" />
<serviceCertificate storeLocation="LocalMachine" storeName="My" findValue="CN=ServiceCertficate" x509FindType="FindBySubjectDistinguishedName"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
推荐答案
您可以使用FindPrivateKey.exe [1]工具或类似工具[2]
You can use the FindPrivateKey.exe [1] tool or the like [2]
[1]
[2]
http://www.leastprivilege.com/HowToGetToThePrivateKeyFileFromACertificate.aspx
hth,Allan
hth, Allan
这篇关于使用WCF实施UserNameForCertificate安全性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!