我想组织客户端和 WCF 服务之间的安全连接。客户必须确信,它可以信任该服务。
我为受信任的根和本地计算机上的个人存储创建了两个证书。我可以在证书插件中看到正确的证书路径。证书公用名是 localhost。
我在 IIS 上添加了 https 的绑定。
我有以下配置的服务
行为
<behavior name="AgencyTrustedServiceBehavior">
<dataContractSerializer maxItemsInObjectGraph="10000000" />
<serviceMetadata httpsGetEnabled="true" policyVersion="Policy15" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<clientCertificate>
<authentication certificateValidationMode="None" />
</clientCertificate>
<serviceCertificate findValue="localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
</serviceCredentials>
</behavior>
捆绑
<wsHttpBinding>
<binding name="InternetServiceBinding" closeTimeout="00:10:00"
openTimeout="00:10:00" sendTimeout="00:10:00" bypassProxyOnLocal="true"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Mtom">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="Transport">
<transport clientCredentialType="None">
<extendedProtectionPolicy policyEnforcement="Never" />
</transport>
</security>
</binding>
</wsHttpBinding>
端点
<service behaviorConfiguration="AgencyTrustedServiceBehavior" name="Megatec.MasterTourService.AuthService">
<endpoint address="Anonymous"
binding="wsHttpBinding"
bindingConfiguration="InternetServiceBinding"
name="Megatec.MasterTourService.Contracts.IAuthServiceAnonymous"
contract="Megatec.MasterTourService.Contracts.IAuthService">
</endpoint>
</service>
但是,当我尝试使用 WCFTestClient 访问该服务时,它会引发以下异常
There was no endpoint listening at http://localhost/IISTest/AuthService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. The remote server returned an error: (404) Not Found.
HTTP GET Error URI: http://localhost/IISTest/AuthService.svc The document at the url http://localhost/IISTest/AuthService.svc was not recognized as a known document type.The error message from each known type may help you fix the problem:
- Report from 'XML Schema' is 'The document format is not recognized (the content type is 'text/html; charset=UTF-8').'.
- Report from 'DISCO Document' is 'There was an error downloading 'https://dev4-10.megatec.ru/IISTest/AuthService.svc?disco'.'.
- The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
- The remote certificate is invalid according to the validation procedure.
- Report from 'http://localhost/IISTest/AuthService.svc' is 'The document format is not recognized (the content type is 'text/html; charset=UTF-8').'.
- Report from 'WSDL Document' is 'The document format is not recognized (the content type is 'text/html; charset=UTF-8').'.
怎么了?