我必须在 .NET 中连接到可以通过以下肥皂请求访问的服务:
<soapenv:Header>
<wsse:Security
soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecuritysecext-
1.0.xsd">
<wsse:BinarySecurityToken
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soapmessage-
security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-tokenprofile-
1.0#X509v3"
wsu:Id="CertId-16010509"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurityutility-
1.0.xsd">
MIIElDCCA3ygAwIBAgIBQzANBgkqhkiG9w0BAQUFADBBMRMwEQYKCZImiZPyLGQBGRMDbmV0
MRUwEwYKCZImiZPyLGQBGRMFZ2VhbnQxEzARBgNVBAMTCmVkdUdBSU5TQ0EwHhcNMDcwNTI4
MDgxNjE2WhcNMDgwNTI3MDgxNjE2WjBbMRMwEQYKCZImiZPyLGQBGRYDbmV0MRUwEwYKCZIm
iZPyLGQBGRYFZ2VhbnQxEDAOBgNVBAoTB0ZlZElSSVMxGzAZBgNVBAMTEnRlc3QtYXMucmVk
aXJpcy5lczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANQxCW2uup3EDvVgWlpO
luEAZ9g/gfp6iwaypIrgp/
uk3J3LNT4iAfBg4KscZT4KnY97wHzCRoU2Uqgr3Lgm14RXZgbIl1pDf0XZa9uHVx0A+Q+
hnFhNevCbM7Bcw5gBwBEXKRm2aYTlUxrEXYitcyChSqxSqZ/
0BWwSe92lYiQxfdYh8k5NWnXrmqiSW3nQHLWGxMNt2qP/f6ih8I2e+D3R97XuHLk/
XnhethUwNIYRGtoiuinOr1hFRft1SfO1fAJsAdGiO1ERDXRNHHnTGUXRL5jIHXHl3hEfHd7X
TDfpSFB1q3hx0vwL5nLb6n6YpxS5G/
QkLtIZunaeS58rAOMCAwEAAaOCAXswggF3MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFDHi/
4JITDc5MCORoMV6+
Cookbook KBO Consult Web Services
Document: Cookbook KBO Consult Webservices vs1.10.2 nl.doc Versie 1.10.2
Opslagdatum 15/10/2008 10:49 9/65
HWVmYjtMB8GA1UdIwQYMBaAFIsPjyeA0pPXRl2RhLsumGKuBPHSMA4GA1UdDwEB/
wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgZwGA1UdEQSBlDCBkYY3a
HR0cDovL3d3dy5yZWRpcmlzLmVzL3BraS9lZHVnYWluL2VlUmVzb2x2ZXI/
ZWU9YTNiMThjMYZWaHR0cDovL2VkdWdhaW4uZ2VhbnQubmV0L3Jlc29sdmVyP3Vybj11cm4l
M0FnZWFudCUzQWVkdWdhaW4lM0Fjb21wb25lbnQlM0FzcCUzQXRlc3QtYXMwQAYDVR0fBDkw
NzA1oDOgMYYvaHR0cDovL3d3dy5yZWRpcmlzLmVzL3BraS9lZHVnYWluL2NybC9jYWNybC5k
ZXIwFwYDVR0gBBAwDjAMBgorBgEEAbp7AgACMA0GCSqGSIb3DQEBBQUAA4IBAQAMj0taSdXv
60fFVI/djyqB47LqfhUMz1Ja0zKAjrZsS5H8SU+
D3ksOw0b6HR4BO21HFiYIHEB1UffEAgPqHhtcLT/
TJ5kiewKOqaHv5QcfgxFMolAiDUsB6i9bCrWdwJIqPePaDG7KHwcpmHB0vLwJihCpRBgdCqi
wz8i5VXdAmloMiEtnm1SU+1BfoTioi79/ZUhUBGPJb7GL20W3yyT9c4/
5JK5IKrRfXINlutqZgfUGXvyaxNh7Zgl3MpDaw8U5khl5ZSjcyfsBro2qQVMAJCcph1rwKNj
gX8MkTb4GYbUpcnVP7p089kz9OTOLteEzVTIi3VKKiykPWcUYlgwY
</wsse:BinarySecurityToken>
<ds:Signature Id="Signature-11459550" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-excc14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-9800632">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
/>
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>
LPWm9mc4GbU1/+Zf9qK3Abw9GAQ=
</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
ueCF0yGx7Nsda8a+PXkGi6cPBKcr/0ya+YWdkVezs+Rzwvk/++d0S4tl+oAU7zWBPo5f9PRsS8M9
CtzRh6RqMIMOorseStILW0do32w8YXGknVK76QH5+e1kVQqAGFHyMM5/mEQs/xXW5l0xiDoWPWfM
fTt4hqXv766A2jj3UrxYnKM/1x2qHF7OhydmsIiCasuUyHsQRd010xvpeedZ5kiwnEqQD1/sqDmf
WJ5gjs8aiqiVXoO1IYIm/VRHEoOkUmQp9zBBjtlj/aH2dFhxKrIrl4Fp5dsAbdA9iDNSesp7sDG6
Rgy/joFVJydp6Bolc8WjDf3r6WK+NDynT9F35g==
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-12534898">
<wsse:SecurityTokenReference
wsu:Id="STRId-12160993"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
wss-wssecurity-utility-1.0.xsd">
<wsse:Reference
URI="#CertId-16010509"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-
200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
Cookbook KBO Consult Web Services
Document: Cookbook KBO Consult Webservices vs1.10.2 nl.doc Versie 1.10.2
Opslagdatum 15/10/2008 10:49 10/65
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</soapenv:Header>
<soapenv:Body wsu:Id="id-9800632" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-
200401-wss-wssecurity-utility-1.0.xsd">
<ent:cbeEntityRequest>
...
</ent:cbeEntityRequest>
</soapenv:Body>
</soapenv:Envelope>
我必须在我通过 app.config 做的肥皂请求中放置一个 X.509v3 证书
<binding name="WSConsultKBOSoap" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" proxyCredentialType="None"/>
<message clientCredentialType="Certificate" algorithmSuite="Default"/>
</security>
</binding>
并在客户凭证中:
<clientCertificate findValue="mycertificate" x509FindType="FindBySubjectName" storeLocation="CurrentUser" storeName="TrustedPeople" />
当我尝试使用该服务时出现错误
“X.509 证书中不存在私钥。”
这个服务真的需要私钥吗?(我是否在 app.config 中配置了错误)还是需要带有私钥的证书?
如果是这种情况,我如何为我的证书分配私钥?