8

我一直在使用自签名证书将 http 应用程序转换为 https 和 ssl。

出于某种原因,我必须在浏览器中访问 localhost:##### 才能启动服务。

服务启动后,我在 Visual Studio 2012 命令行提示符下使用以下调用对其进行测试:

svcutil.exe https://localhost:10201/?wsdl

它回来了

Error: Cannot obtain Metadata from https://localhost:10201/?wsdl

If this is a Windows (R) Communication Foundation service to which you have access, please check that you have enabled metadata publishing at the specified address.  For help enabling metadata publishing, please refer to the MSDN documentation at http://go.microsoft.com/fwlink/?LinkId=65455.


WS-Metadata Exchange Error
    URI: https://localhost:10201/?wsdl

    Metadata contains a reference that cannot be resolved: 'https://localhost:10201/?wsdl'.

    Could not establish trust relationship for the SSL/TLS secure channel with authority 'localhost:10201'.

    The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

    The remote certificate is invalid according to the validation procedure.


HTTP GET Error
    URI: https://localhost:10201/?wsdl

    There was an error downloading 'https://localhost:10201/?wsdl'.

    The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

    The remote certificate is invalid according to the validation procedure.

If you would like more help, type "svcutil /?"

这不利于我使用 HTTPS 的成功吗?

我的配置如下所示:

<system.serviceModel>

    <!--SERVICES-->
    <services>
      <service name="DuplexService.DuplexService"
         behaviorConfiguration="sb">

        <endpoint
           address="basic"
           binding="customBinding"
           bindingConfiguration="customDuplexBinding"
           contract="DuplexService.Interface.IDuplexServiceContract">
        </endpoint>

        <endpoint
            address=""
            binding="webHttpBinding"
            behaviorConfiguration="webHttpEndpointBehavior"
            bindingConfiguration="webHttpsBinding"
            contract="Interface.IPolicyRetriever">
        </endpoint>

        <endpoint
            address="mex"
            binding="mexHttpsBinding"
            contract="IMetadataExchange">
        </endpoint>

        <host>
        <baseAddresses>
          <add baseAddress="https://localhost:10201" />
        </baseAddresses>
        </host>
      </service>


    </services>


    <!--BEHAVIOURS-->
    <behaviors>
    <!--Policy-->
      <endpointBehaviors>
        <!-- For Policy Service -->
        <behavior name="webHttpEndpointBehavior">
          <webHttp  />
        </behavior>
      </endpointBehaviors>


<!--behaviour for all of the enpoints -->
      <serviceBehaviors>
        <behavior name="sb">
          <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
          <serviceMetadata httpsGetEnabled="true" httpsGetUrl="https://localhost:10201"/>
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="true"/>
          <!-- This will solve a bug that happens if too many items are sent at once from the gateway to the client -->
          <dataContractSerializer maxItemsInObjectGraph="2147483647"/>
          <serviceThrottling
          maxConcurrentCalls="200"
          maxConcurrentSessions="200"
          maxConcurrentInstances="200" />
        </behavior>
      </serviceBehaviors>
    </behaviors>



    <!-- BINDINGS-->
    <bindings>

    <webHttpBinding>
        <binding name="webHttpsBinding">
            <security mode="Transport">
                <transport clientCredentialType="None" />
            </security>
        </binding>
    </webHttpBinding>

      <customBinding>
        <binding name="customDuplexBinding">
          <pollingDuplex duplexMode="MultipleMessagesPerPoll"
               maxOutputDelay="00:00:01"
       serverPollTimeout="00:01:00"
       inactivityTimeout="02:00:00"
       maxPendingMessagesPerSession="2147483647"
       maxPendingSessions="2147483647" />
          <binaryMessageEncoding>
            <readerQuotas
              maxDepth="2147483647"
              maxStringContentLength="2147483647"
              maxArrayLength="2147483647"
              maxBytesPerRead="2147483647"
              maxNameTableCharCount="2147483647" />
          </binaryMessageEncoding>
          <httpsTransport
      maxBufferSize="2147483647"
      maxReceivedMessageSize="2147483647"
      transferMode="StreamedResponse" />
        </binding>
      </customBinding>



    </bindings>




    <!-- Register the binding extension from the SDK. -->
    <extensions>
      <bindingElementExtensions>
        <add name="pollingDuplex"
             type="System.ServiceModel.Configuration.PollingDuplexElement, System.ServiceModel.PollingDuplex" />
      </bindingElementExtensions>
    </extensions>
  </system.serviceModel>

我怎样才能摆脱它?并使元数据工作和 GET 工作?

4

2 回答 2

10

我可以想到 4 种方法来解决这个问题。

  1. 将自签名证书安装为受信任的根身份验证。MMC -> 证书
  2. 使用浏览器导航到 wsdl(点击过去的证书错误),将其保存,然后直接生成 wsdl。
    • 将 wsdl 的 url 放在浏览器中,然后单击证书警告,以便您可以看到实际的 wsdl
    • 将 wsdl 保存到您的计算机。在chrome中,您可以右键单击,另存为。
    • 在 Visual Studio 中
      • 右键单击项目并选择“添加服务引用”
      • 在地址框中,输入下载的 wsdl 的物理路径 (C:\directory...)。
      • 打去
  3. 启动 fiddler 并告诉它解密 https,这将安装证书并为您提供忽略远程证书错误的选项。在这里描述。http://proq.blogspot.com/2012/02/svcutil-and-https.html
  4. 使用由受信任的根签名的证书。

我没有看到忽略证书错误的 svcutil 选项。

于 2012-11-16T02:48:23.477 回答
0

我遇到过同样的问题。对我来说,我注意到 https 正在使用另一个在到期日期方面无效的证书。不知道为什么会这样。我更改了 Https 端口号和新的自签名证书。WCFtestClinet 可以通过 HTTPS 连接到服务器!

于 2013-11-14T14:04:07.800 回答