Question

我必须联系。网上服务,可提出以下申请:

<soapenv:Header>
<wsse:Security
soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecuritysecext-
1.0.xsd">
<wsse:BinarySecurityToken
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soapmessage-
security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-tokenprofile-
1.0#X509v3"
wsu:Id="CertId-16010509"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurityutility-
1.0.xsd">
MIIElDCCA3ygAwIBAgIBQzANBgkqhkiG9w0BAQUFADBBMRMwEQYKCZImiZPyLGQBGRMDbmV0
MRUwEwYKCZImiZPyLGQBGRMFZ2VhbnQxEzARBgNVBAMTCmVkdUdBSU5TQ0EwHhcNMDcwNTI4
MDgxNjE2WhcNMDgwNTI3MDgxNjE2WjBbMRMwEQYKCZImiZPyLGQBGRYDbmV0MRUwEwYKCZIm
iZPyLGQBGRYFZ2VhbnQxEDAOBgNVBAoTB0ZlZElSSVMxGzAZBgNVBAMTEnRlc3QtYXMucmVk
aXJpcy5lczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANQxCW2uup3EDvVgWlpO
luEAZ9g/gfp6iwaypIrgp/
uk3J3LNT4iAfBg4KscZT4KnY97wHzCRoU2Uqgr3Lgm14RXZgbIl1pDf0XZa9uHVx0A+Q+
hnFhNevCbM7Bcw5gBwBEXKRm2aYTlUxrEXYitcyChSqxSqZ/
0BWwSe92lYiQxfdYh8k5NWnXrmqiSW3nQHLWGxMNt2qP/f6ih8I2e+D3R97XuHLk/
XnhethUwNIYRGtoiuinOr1hFRft1SfO1fAJsAdGiO1ERDXRNHHnTGUXRL5jIHXHl3hEfHd7X
TDfpSFB1q3hx0vwL5nLb6n6YpxS5G/
QkLtIZunaeS58rAOMCAwEAAaOCAXswggF3MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFDHi/
4JITDc5MCORoMV6+
Cookbook KBO Consult Web Services
Document: Cookbook KBO Consult Webservices vs1.10.2 nl.doc Versie 1.10.2
Opslagdatum 15/10/2008 10:49  9/65
HWVmYjtMB8GA1UdIwQYMBaAFIsPjyeA0pPXRl2RhLsumGKuBPHSMA4GA1UdDwEB/
wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgZwGA1UdEQSBlDCBkYY3a
HR0cDovL3d3dy5yZWRpcmlzLmVzL3BraS9lZHVnYWluL2VlUmVzb2x2ZXI/
ZWU9YTNiMThjMYZWaHR0cDovL2VkdWdhaW4uZ2VhbnQubmV0L3Jlc29sdmVyP3Vybj11cm4l
M0FnZWFudCUzQWVkdWdhaW4lM0Fjb21wb25lbnQlM0FzcCUzQXRlc3QtYXMwQAYDVR0fBDkw
NzA1oDOgMYYvaHR0cDovL3d3dy5yZWRpcmlzLmVzL3BraS9lZHVnYWluL2NybC9jYWNybC5k
ZXIwFwYDVR0gBBAwDjAMBgorBgEEAbp7AgACMA0GCSqGSIb3DQEBBQUAA4IBAQAMj0taSdXv
60fFVI/djyqB47LqfhUMz1Ja0zKAjrZsS5H8SU+
D3ksOw0b6HR4BO21HFiYIHEB1UffEAgPqHhtcLT/
TJ5kiewKOqaHv5QcfgxFMolAiDUsB6i9bCrWdwJIqPePaDG7KHwcpmHB0vLwJihCpRBgdCqi
wz8i5VXdAmloMiEtnm1SU+1BfoTioi79/ZUhUBGPJb7GL20W3yyT9c4/
5JK5IKrRfXINlutqZgfUGXvyaxNh7Zgl3MpDaw8U5khl5ZSjcyfsBro2qQVMAJCcph1rwKNj
gX8MkTb4GYbUpcnVP7p089kz9OTOLteEzVTIi3VKKiykPWcUYlgwY
</wsse:BinarySecurityToken>
<ds:Signature Id="Signature-11459550" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-excc14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-9800632">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
/>
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>
LPWm9mc4GbU1/+Zf9qK3Abw9GAQ=
</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
ueCF0yGx7Nsda8a+PXkGi6cPBKcr/0ya+YWdkVezs+Rzwvk/++d0S4tl+oAU7zWBPo5f9PRsS8M9
CtzRh6RqMIMOorseStILW0do32w8YXGknVK76QH5+e1kVQqAGFHyMM5/mEQs/xXW5l0xiDoWPWfM
fTt4hqXv766A2jj3UrxYnKM/1x2qHF7OhydmsIiCasuUyHsQRd010xvpeedZ5kiwnEqQD1/sqDmf
WJ5gjs8aiqiVXoO1IYIm/VRHEoOkUmQp9zBBjtlj/aH2dFhxKrIrl4Fp5dsAbdA9iDNSesp7sDG6
Rgy/joFVJydp6Bolc8WjDf3r6WK+NDynT9F35g==
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-12534898">
<wsse:SecurityTokenReference
wsu:Id="STRId-12160993"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
wss-wssecurity-utility-1.0.xsd">
<wsse:Reference
URI="#CertId-16010509"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-
200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
Cookbook KBO Consult Web Services
Document: Cookbook KBO Consult Webservices vs1.10.2 nl.doc Versie 1.10.2
Opslagdatum 15/10/2008 10:49  10/65
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</soapenv:Header>
<soapenv:Body wsu:Id="id-9800632" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-
200401-wss-wssecurity-utility-1.0.xsd">
<ent:cbeEntityRequest>
...
</ent:cbeEntityRequest>
</soapenv:Body>
</soapenv:Envelope>

我不得不在肥皂申请中出具X.509v3证书,这样一来就是 app笑。

<binding name="WSConsultKBOSoap" closeTimeout="00:01:00" openTimeout="00:01:00"
     receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
     bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
     maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
     messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
     useDefaultWebProxy="true">
      <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
       maxBytesPerRead="4096" maxNameTableCharCount="16384" />

  <security mode="TransportWithMessageCredential">
    <transport clientCredentialType="None" proxyCredentialType="None"/>
    <message clientCredentialType="Certificate" algorithmSuite="Default"/>
  </security>
</binding>

以及客户资格:

<clientCertificate findValue="mycertificate" x509FindType="FindBySubjectName" storeLocation="CurrentUser" storeName="TrustedPeople" />

当我试图利用这一服务时,我发现错误。

"The private key is not present in the X.509 certificate."

这一服务是否真正需要私人钥匙? (did i configure some wrong in the app.config) or do I need a accreditation with a private key?

如果是这样的话,我如何为我的证书指定私人钥匙?

Answer 1

As I can see, your process can t get access to the Private Key. First of all, I would recommend to check whether you have the Private Key at all. Go to the MMC and add the Certificates snap-in. Find your certificate and check the properties:

“Properties”/

确保你获得私人关键通知(绿色边界)

如果你有私人钥匙,但很可能是用户,那么你的工作程序是操作的,或者仅仅看不到这套证书库(例如,当地服务等)。在您的账户下管理这一进程(实际上是:ASP.NET或WinForms?)并检查你是否能够建立这一联系。

Answer 2

我也存在同样的问题,确保进口.(你有密码)和检查箱“MARK KEY AS EXPORTABLE”(在进口码头),这将节省储存上的私人钥匙。

友情链接