0

尝试为 Windows XP 上的自托管 WCF 服务配置 SSL 端点。我的配置在 Windows 7 上运行良好;但是使用相同证书的Windows XP没有响应。我收到未找到服务器错误。

当我运行 netstat -an 时,我可以看到该服务正在侦听端口 443。在该端口上侦听的应用程序没有冲突,并且防火墙已关闭。

有没有人见过这个?关于如何解决的任何想法?

运行httpcfg query ssl产生以下结果:

C:\Documents and Settings\Kane>httpcfg query ssl
    IP                      : 0.0.0.0:443
    Hash                    :  4857fcdc71a69b8df67bb7cb7c6fb1073a08f23
    Guid                    : {00000000-0000-0000-0000-000000000000}
    CertStoreName           : (null)
    CertCheckMode           : 0
    RevocationFreshnessTime : 0
    UrlRetrievalTimeout     : 0
    SslCtlIdentifier        : (null)
    SslCtlStoreName         : (null)
    Flags                   : 0
------------------------------------------------------------------------------
    IP                      : 0.0.0.0:8443
    Hash                    :  4857fcdc71a69b8df67bb7cb7c6fb1073a08f23
    Guid                    : {00000000-0000-0000-0000-000000000000}
    CertStoreName           : (null)
    CertCheckMode           : 0
    RevocationFreshnessTime : 0
    UrlRetrievalTimeout     : 0
    SslCtlIdentifier        : (null)
    SslCtlStoreName         : (null)
    Flags                   : 0
------------------------------------------------------------------------------

下面是我的配置文件:

<?xml version="1.0"?>
<configuration>
  <system.web>
    <compilation debug="true" targetFramework="4.0"/>
  </system.web>
  <system.serviceModel>
    <protocolMapping>
      <add binding="webHttpBinding" scheme="http"/>
    </protocolMapping>
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="false"/>
    <services>
      <service name="SomeWindowsService.SomeService" behaviorConfiguration="webServiceBehaviorConfig">
        <host>
          <baseAddresses>
            <add baseAddress="http://*:8080/"/>
            <add baseAddress="https://*/ssl/"/>
          </baseAddresses>
        </host>
        <!-- this endpoint is exposed at the base address provided by host: http://localhost:8080/someservice  -->
        <endpoint address="" binding="webHttpBinding"  behaviorConfiguration="WebHttpEndPointBehaviour" contract="SomeWindowsService.IFileAccessService"/>
        <endpoint name="someservice" address="someservice" binding="basicHttpBinding" bindingConfiguration="soapBindingConfig" contract="someservice"/>
        <endpoint name="someserviceSSL" address="ssl/someservice" binding="basicHttpBinding" bindingConfiguration="sslBindingConfig" contract="someservice"/>
        <endpoint address="mex" binding="mexHttpBinding" name="MetadataBinding" contract="IMetadataExchange"/>
      </service>
    </services>
    <!--Bindings-->
    <bindings>
      <basicHttpBinding>
        <binding name="soapBindingConfig" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
          <security mode="None"/>
          <readerQuotas maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxDepth="2147483647" maxNameTableCharCount="2147483647" maxStringContentLength="2147483647" />
        </binding>
        <binding name="sslBindingConfig" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
          <security mode="Transport"/>
          <readerQuotas maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxDepth="2147483647" maxNameTableCharCount="2147483647" maxStringContentLength="2147483647" />
        </binding>
      </basicHttpBinding>
    </bindings>
    <!--Behaviors-->
    <behaviors>
      <serviceBehaviors>
        <behavior name="webServiceBehaviorConfig">
          <serviceDebug includeExceptionDetailInFaults="true"/>
          <serviceMetadata httpGetEnabled="true" httpGetUrl="mex" httpsGetEnabled="true" httpsGetUrl="mex" />
          <dataContractSerializer maxItemsInObjectGraph="2147483647"/>
        </behavior>
      </serviceBehaviors>
      <endpointBehaviors>
        <behavior name="WebHttpEndPointBehaviour">
          <webHttp/>
        </behavior>
      </endpointBehaviors>
    </behaviors>
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>

  <startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/><AutoStartTerminals>false</AutoStartTerminals></startup></configuration>
4

1 回答 1

0

好的,所以要了解导致此问题的原因,我必须首先打开 schannel 错误日志记录 ( http://support.microsoft.com/kb/260729 )。

在:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL 下,我添加了一个新的 reg DWORD:值为 7 的 EventLogging。然后重新启动机器。

然后查看日志,我看到了错误:

事件类型:错误事件源:Schannel 事件类别:无事件 ID:36870 日期:2013 年 8 月 29 日时间:晚上 8:03:07 用户:不适用计算机:开发描述:尝试访问SSL 服务器凭证私钥。从加密模块返回的错误代码是 0x80090016。

有关详细信息,请参阅http://go.microsoft.com/fwlink/events.asp上的帮助和支持中心。

这个错误导致我看到以下文章: http: //support.microsoft.com/kb/939616在谷歌搜索后:“致命错误 0x80090016”

我重新导入了证书,问题就解决了。

关键是要退出 Windows。是日志记录提醒我证书问题。

于 2013-08-30T00:49:48.057 回答