我开发了一个 WCF 服务,该服务使用传输安全性和所需的客户端证书。它托管在 IIS 7.5 上,需要检查客户端证书。我已经设置了一个 mex 端点,并且能够在我的浏览器中的https://mydomain.com/Folder/Service.svc/mex?wsdl中查看 wsdl 。使用 SoapUI,我能够成功连接并且服务完美运行。
但是,我想使用 svcutil.exe 设置一个测试客户端,因为这是我的客户端创建客户端所要做的。但是,当我运行时:
svcutil https://mydomain.com/Folder/Service.svc/mex?wsdl /svcutilConfig:app.config
我收到以下错误:
C:\Program Files\Microsoft Visual Studio 9.0\VC>svcutil https://mydomain.com/Folder/Service.svc/mex?wsdl /svcutilConfig:app.config
Microsoft (R) Service Model Metadata Tool
[Microsoft (R) Windows (R) Communication Foundation, Version 3.0.4506.2152]
Copyright (c) Microsoft Corporation. All rights reserved.
Attempting to download metadata from 'https://mydomain.com/Folder/Service.svc/mex?wsdl' using WS-Metadata Exchange or DISCO.
Microsoft (R) Service Model Metadata Tool
[Microsoft (R) Windows (R) Communication Foundation, Version 3.0.4506.2152]
Copyright (c) Microsoft Corporation. All rights reserved.
Error: Cannot obtain Metadata from https://mydomain.com/Folder/Service.svc/mex?wsdl
If this is a Windows (R) Communication Foundation service to which you have access, please check that you have enabled metadata publishing at the specified address. For help enabling metadata publishing, please refer to the MSDN documentation at http://go.microsoft.com/fwlink/?LinkId=65455.
WS-Metadata Exchange Error
URI: https://mydomain.com/Folder/Service.svc/mex?wsdl
Metadata contains a reference that cannot be resolved: 'https://mydomain.com/Folder/Service.svc/mex?wsdl'.
The HTTP request was forbidden with client authentication scheme 'Anonymous'.
The remote server returned an error: (403) Forbidden.
HTTP GET Error
URI: https://mydomain.com/Folder/Service.svc/mex?wsdl
There was an error downloading 'https://mydomain.com/Folder/Service.svc/mex?wsdl'.
The request failed with HTTP status 403: Forbidden.
这是我的服务器 web.config 文件中的相关配置:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="MyServices">
<security mode="Transport">
<transport clientCredentialType="Certificate"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="ServiceBehavior" name="MyService.MyServiceManager">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="MyServices"
name="MyServices" contract="MyService.IMyServiceManager">
<identity>
<dns value="mydomain.com" />
</identity>
</endpoint>
<endpoint address="mex" binding="wsHttpBinding" bindingConfiguration="MyServices"
name="mexEndpoint" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpsGetEnabled="true" httpsGetUrl="https://mydomain.com:443/Folder/Service.svc/mex"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
<serviceCredentials>
<clientCertificate>
<certificate storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectDistinguishedName" findValue="CN=tempClientcert"/>
</clientCertificate>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
这是我的客户端 /svcutilConfig:app.config 文件:
<configuration>
<system.serviceModel>
<client>
<endpoint name="mexEndpoint" address="mex" binding="wsHttpBinding" contract="IMetadataExchange" behaviorConfiguration="MyBehavior" />
</client>
<behaviors>
<endpointBehaviors>
<behavior name="MyBehavior">
<clientCredentials>
<clientCertificate storeName="My" storeLocation="LocalMachine" x509FindType="FindBySubjectDistinguishedName" findValue="CN=tempClientcert" />
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
我不明白为什么这个配置不起作用。此外,所有 wsdl 导入都解析为正确的 FQDN url,并且在 IIS 中启用了匿名身份验证。
任何援助将不胜感激。非常感谢您的帮助。