Question

I am trying to configure WCF service with security. I have generated 2 certificates (for server and client side) stored in LocalComputerPersonal Certificates. My configuration is:

<>Server>

<netTcpBinding>
   <binding name="defaultBinding">
      <security mode="Transport">
         <transport clientCredentialType="Certificate"/>
      </security>
   </binding>
</netTcpBinding>

<service name="..." behaviorConfiguration="serviceBehavior">
   <endpoint address="..." binding="netTcpBinding" bindingConfiguration="defaultBinding" contract="...">
      <identity>
        <dns value="ClientSide"/>
      </identity>
    </endpoint>
 </service>

 <behavior name="serviceBehavior">
    <serviceCredentials>
       <serviceCertificate storeLocation="LocalMachine" storeName="My" findValue="ServerSide" x509FindType="FindBySubjectName"/>
       <clientCertificate>
          <authentication certificateValidationMode="None" revocationMode="NoCheck"/>
       </clientCertificate>
    </serviceCredentials>
 <behavior>

<><>Client>:

<netTcpBinding>
   <binding name="defaultBinding">
      <security mode="Transport">
         <transport clientCredentialType="Certificate"/>
      </security>
   </binding>
</netTcpBinding>

<endpoint name="..." binding="netTcpBinding" bindingConfiguration="defaultBinding" contract="..."
            behaviorConfiguration="endpointBehavior">
  <identity>
    <dns value="ServerSide"/>
  </identity>
</endpoint>

 <behavior name="endpointBehavior">
    <clientCredentials>
       <serviceCertificate>
          <authentication certificateValidationMode="None" revocationMode="NoCheck"/>
       </serviceCertificate>
       <clientCertificate storeLocation="LocalMachine" storeName="My" findValue="ClientSide" x509FindType="FindBySubjectName"/>
    </clientCredentials>
 <behavior>

我是例外:没有提供客户证书。客户资格证书明细表

我曾尝试过许多辅导员,但没有一名教员。任何建议?

Answer 1

The answer is actually in the Exception. You don t have a client certificate. You define a service certificate for the client certificate with this

<clientCredentials>
       <serviceCertificate>
          <authentication certificateValidationMode="None" revocationMode="NoCheck"/>
       </serviceCertificate>
       <clientCertificate storeLocation="LocalMachine" storeName="My" findValue="ClientSide" x509FindType="FindBySubjectName"/>
    </clientCredentials>

But what you actually should have done is defining a client certificate for the client

<system.serviceModel>
   <behaviors>
      <endpointBehaviors>
         <behavior name="endpointBehavior">
            <clientCredentials>
               <clientCertificate storeLocation="LocalMachine" storeName="My" findValue="ClientSide" x509FindType="FindBySubjectName" />
               <serviceCertificate>
                  <authentication certificateValidationMode="None" revocationMode="NoCheck" />
               </serviceCertificate>
            </clientCredentials>
         </behavior>
      </endpointBehaviors>
   </behaviors>
</system.serviceModel>

这至少应当解决您的<条码>。未提供客户证明。在客户指数例外中注明客户证书。

友情链接