1
我试图设置此WCF服务只接受客户端提交“测试01”证书时的请求。问题是它似乎接受来自同一机构的任何证书,例如“测试04”。WCF服务接受任何旧证书
如何拒绝所有未使用“Test 01”证书发送的请求?
<basicHttpBinding>
<binding
name="TestSecureBinding"
maxReceivedMessageSize="5242880">
<security mode="Transport">
<transport
clientCredentialType="Certificate"></transport>
</security>
</binding>
</basicHttpBinding>
<behavior name="TestCertificateBehavior">
<serviceCredentials>
<clientCertificate>
<certificate
storeLocation="LocalMachine"
x509FindType="FindBySubjectName"
findValue="Test 01"/>
<authentication
certificateValidationMode="PeerTrust"
trustedStoreLocation="LocalMachine"
revocationMode="NoCheck"/>
</clientCertificate>
</serviceCredentials>
</behavior>
<service
name="IService"
behaviorConfiguration="TestCertificateBehavior">
<endpoint
name="MyHttps"
address="https://localhost:443"
contract="IService"
binding="basicHttpBinding"
bindingConfiguration="TestSecureBinding">
</endpoint>
<host>
<baseAddresses>
<add baseAddress="https://localhost:443"/>
</baseAddresses>
</host>
</service>
你必须写一个自定义的证书验证: [见这个问题] [1] [1]:http://stackoverflow.com/questions/1559915/custom-certificate-验证功能于WCF服务 –