WCF安全性:不提供服务证书。在ServiceCredentials中指定服务证书
WCF安全性:不提供服务证书。在ServiceCredentials中指定服务证书
提问于 2014-10-13 14:49:09
我通过重载'UserNamePasswordValidator‘和使用消息安全性实现了WCF服务,通过自定义验证,但是在我的开发机器上没有证书,但是在活动环境中有SSL证书。因此,我使用下面的代码在实时服务器上托管了服务,但我的代码仍然低于错误。
'The service certificate is not provided. Specify a service certificate in ServiceCredentials'
'<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="customBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<userNameAuthentication
userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="Myassembly.UserNameValidator,Myservice"/>
<serviceCertificate findValue="MyCertName" storeLocation="CurrentUser" storeName="TrustedPeople" x509FindType="FindBySubjectName" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings >
<wsHttpBinding>
<binding name="RequestUserName" >
<security mode="Message">
<message clientCredentialType="Certificate"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" minFreeMemoryPercentageToActivateService="0" />
<services>
<service name="CRMServices" behaviorConfiguration="customBehavior">
<!--For basic http binding endpoint-->
<endpoint address="" binding="wsHttpBinding"
bindingConfiguration="RequestUserName"
contract="ICRMServices">
<!--<identity>
<dns value="localhost" />
</identity>-->
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
</baseAddresses>
</host>
</service>
</services>
</system.serviceModel> '
I have applied SSL to the deployed WCF service but when try to access the hosted URL it is giving '404' and in event viewer it is showing
'InvalidOperationException
Cannot find the X.509 certificate using the following search criteria: StoreName 'TrustedPeople', StoreLocation 'CurrentUser', FindType 'FindBySubjectName', FindValue 'Mycert'. at System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(StoreName storeName, StoreLocation storeLocation, X509FindType findType, Object findValue, EndpointAddress target, Boolean throwIfMultipleOrNoMatch '请帮帮我
回答 1
Stack Overflow用户
发布于 2014-10-13 18:13:38
它找不到证书。你具体说明:
<serviceCertificate findValue="MyCertName" storeLocation="CurrentUser" storeName="TrustedPeople" x509FindType="FindBySubjectName" />因此,它将在TrustedPeople中的CurrentUser存储中查找主题为MyCertName的证书。当您在visual studio中运行WCF服务时,它将在您的帐户下运行,因此当前用户在这种情况下可以使用。但是,当您在IIS上部署服务时,它将在应用程序池用户(默认情况下是IIS APPPOOL\DefaultAppPool用户)下运行。
我会的
- 检查要使用的证书在哪里(在哪个存储区)。我打赌它在LocalMachine\Personal商店里。您可以使用
mmc来检查 - 如果我可以选择将服务证书放在哪里,那么它将是LocalMachine\Personal。我将设置与运行服务的应用程序池用户的证书相对应的私钥访问权限。可以在
mmc中完成。 - 我会选择
x509FindType="FindByThumbrint"作为我的搜索标准。您可以很好地确定存储中只有一个证书。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/26342808
复制相关文章
相似问题
腾讯云开发者
