0

我有一个服务类:

namespace TestService
{
    public class Service:IService 
    {
        #region IService Members

        public string TestCall()
        {
            return "You just called a WCF webservice On SSL(Transport Layer Security)";
        }

        #endregion
    }
}

和配置服务:

<configuration>
    <system.serviceModel>
        <services>
            <service behaviorConfiguration="returnFaults" name="TestService.Service">
                <endpoint binding="wsHttpBinding" bindingConfiguration="TransportSecurity" contract="TestService.IService"/>
                <endpoint address="mex" binding="mexHttpsBinding" name="MetadataBinding" contract="IMetadataExchange"/>
            </service>
        </services>
        <behaviors>
            <serviceBehaviors>
                <behavior name="returnFaults">
                    <serviceDebug includeExceptionDetailInFaults="true"/>
                    <serviceMetadata httpsGetEnabled="true"/>
                    <serviceTimeouts/>
                </behavior>
            </serviceBehaviors>
        </behaviors>
        <bindings>
            <wsHttpBinding>
                <binding name="TransportSecurity">
                    <security mode="Transport">
                        <transport clientCredentialType="None"/>
                    </security>
                </binding>
            </wsHttpBinding>
        </bindings>
        <diagnostics>
            <messageLogging logEntireMessage="true" maxMessagesToLog="300" logMessagesAtServiceLevel="true" logMalformedMessages="true" logMessagesAtTransportLevel="true"/>
        </diagnostics>
    </system.serviceModel>
</configuration>

我将服务设置为 IIS,并在 https:“https://localhost/service.svc”和 http:“http://localhost/service.svc”处设置 http、https 服务,当设置 https 我已设置证书” WCF 服务器”。我可以访问地址“https://localhost/service.svc”的服务。我在地址“https://localhost/service.svc”添加了服务引用并调用服务:

   ServiceReference1.ServiceClient proxy = new ServiceReference1.ServiceClient();
            proxy.TestCall();

它返回错误:

根据验证程序,远程证书无效。

这个配置客户端:

<configuration>


  <system.web>
    <compilation debug="true" targetFramework="4.0" />


  </system.web>

  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>
  <system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <binding name="WSHttpBinding_IService">
          <security mode="Transport">
            <transport clientCredentialType="None" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <client>
      <endpoint address="https://thanguk-pc/service.svc" binding="wsHttpBinding" behaviorConfiguration="firstSsl"
        bindingConfiguration="WSHttpBinding_IService" contract="ServiceReference1.IService"
        name="WSHttpBinding_IService" >
        <identity>
          <dns value="WcfServer" />
        </identity>
      </endpoint>
    </client>
    <behaviors>
      <endpointBehaviors>
        <behavior name="firstSsl">
          <clientCredentials>
            <serviceCertificate>
              <authentication certificateValidationMode="None" revocationMode="NoCheck"/>
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>

客户使用服务有什么问题?谢谢

4

1 回答 1

1

WCF 配置对我来说看起来不错。因此,我将开始查看您的证书、证书安装和主机名(正如@flem 所指出的)。谁颁发的证书?听起来它可能是自签名的。在SSL 握手期间,客户端将不信任自签名证书。您可以在服务器上运行netmon(打开 TLS 过滤器)并查看 SSL 握手。这可以让您深入了解故障发生的位置。

一个提示是,为了让您的服务正常工作,您应该能够通过 https 从客户端浏览元数据 (.svc),而不会出现任何浏览器证书错误(例如,chrome 上的绿色锁)。如果浏览器变绿,则通常证书已正确安装和配置。否则,WCF 也会拒绝它(但不会让您选择继续)。

于 2012-07-18T08:38:33.440 回答