具有证书身份验证的传输安全性

本文介绍了具有证书身份验证的传输安全性的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

当我访问我的网络服务 localhost/MyService/MyService.svc 时出现以下错误

I'm getting the following error when I access my webservice localhost/MyService/MyService.svc

服务 'SslRequireCert' 的 SSL 设置与 IIS 'Ssl, SslNegotiateCert' 的设置不匹配.

The SSL settings for the service 'SslRequireCert' does not match those of the IIS 'Ssl, SslNegotiateCert'.

我遵循 中指定的 web.config 示例msdn.microsoft/en-us/library/ms731074.aspx

这是我的 wcf 服务器 web.config:

Here is my wcf server web.config:

<?xml version="1.0" encoding="UTF-8"?> <configuration xmlns="schemas.microsoft/.NetConfiguration/v2.0"> <appSettings /> <system.web> <identity impersonate="false" /> <roleManager enabled="true" /> <authentication mode="Windows" /> <customErrors mode="Off" /> <webServices> <protocols> <add name="HttpGet" /> <add name="HttpPost" /> </protocols> </webServices> </system.web> <system.webServer> <directoryBrowse enabled="true" /> <validation validateIntegratedModeConfiguration="false" /> <security> <authorization> <remove users="*" roles="" verbs="" /> <add accessType="Allow" users="*" roles="" /> </authorization> </security> </system.webServer> <system.serviceModel> <services> <service name="AspNetSqlProviderService" behaviorConfiguration="MyServiceBehavior"> <endpoint binding="wsHttpBinding" contract="Interface1" bindingConfiguration="CertificateWithTransportWSHttpBinding" /> <endpoint binding="wsHttpBinding" contract="Interface2" bindingConfiguration="CertificateWithTransportWSHttpBinding" /> <endpoint address="mex" binding="wsHttpBinding" bindingConfiguration="CertificateWithTransportWSHttpBinding" name="Metadata_Exchange" contract="IMetadataExchange" /> </service> </services> <behaviors> <serviceBehaviors> <behavior name="MyServiceBehavior"> <serviceDebug includeExceptionDetailInFaults="True" /> <serviceMetadata /> <serviceCredentials> <clientCertificate> <authentication trustedStoreLocation="LocalMachine" revocationMode="Online"/> </clientCertificate> </serviceCredentials> </behavior> </serviceBehaviors> </behaviors> <bindings> <wsHttpBinding> <binding name="CertificateWithTransportWSHttpBinding"> <security mode="Transport"> <transport clientCredentialType="Certificate" /> </security> </binding> </wsHttpBinding> </bindings> </system.serviceModel> </configuration>

我的 IIS 配置如下:

I've configured IIS as follows:

• 使用自签名证书添加 https 绑定
• 在 SSL 设置下，勾选需要 SSL 并接受客户端证书
• 自签名证书已添加到本地计算机受信任的根 CA.

我可以浏览和执行 .asmx 服务定义，但是 .svc 给了我上述错误.

I can browse and execute the .asmx service definition, but the .svc gives me the error described above.

推荐答案

尝试注释掉你的 mex 端点.这应该让它工作

Try to comment out your mex endpoint. That should get it working