我一直在努力使用我的开发计算机上的客户端证书(因此我的盒子充当客户端和服务器)来完成WCF传输安全性。使用客户端证书的WCF传输安全
http://msdn.microsoft.com/en-us/library/ff648498.aspx
http://msdn.microsoft.com/en-us/library/ff650751.aspx
我的环境是Visual Studio 2008的Windows 7上的IIS 7.5。一切似乎都没有问题,直到我向服务器发出请求时,通过打开IE浏览器并浏览我的一个.svc文件或运行我的Windows Form .NET客户端应用程序,然后拨打该服务的电话号码以下错误:
HTTP错误403.7 - 禁止
您尝试访问的页面要求浏览器具有Web服务器可识别的安全套接字层(SSL)客户端证书。
服务器配置文件:
<bindings>
<wsHttpBinding>
<binding name="CertificateWithTransport" maxReceivedMessageSize="2147483647" maxBufferPoolSize="2147483647">
<security mode="Transport">
<transport clientCredentialType="Certificate"></transport>
</security>
</binding>
</wsHttpBinding>
</bindings>
客户端配置文件:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="CertificateWithTransport" closeTimeout="00:10:00"
openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="655360" messageEncoding="Text"
textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="Certificate" realm="" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="clientCertificateConf">
<clientCredentials>
<clientCertificate
findValue="32 52 dc 36 e1 95 fb be 4e 3c f6 a6 92 13 53 f4 b5 32 47 45"
storeLocation="CurrentUser"
storeName="My"
x509FindType="FindByThumbprint" />
</clientCredentials>
<!--<clientCredentials>
<clientCertificate findValue="CN=localhostclient"
storeLocation="CurrentUser"
storeName="My"
x509FindType="FindBySubjectDistinguishedName" />
</clientCredentials>-->
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
</behavior>
</endpointBehaviors>
</behaviors>
<client>
<endpoint address="https://localhost/Source.svc" behaviorConfiguration="clientCertificateConf"
binding="wsHttpBinding" bindingConfiguration="CertificateWithTransport"
contract="SourceServerReference.ISourceService" name="SourceService.wsHttp" />
<endpoint address="https://localhost/Community.svc" behaviorConfiguration="clientCertificateConf"
binding="wsHttpBinding" bindingConfiguration="CertificateWithTransport"
contract="CommunityServerReference.ICommunityService" name="CommunityService.wsHttp" />
<endpoint address="https://localhost/ActivityLeadContact.svc"
behaviorConfiguration="clientCertificateConf" binding="wsHttpBinding"
bindingConfiguration="CertificateWithTransport" contract="ActivityLeadContactServerReference.IActivityLeadContactService"
name="ActivityLeadContactService.wsHttp" />
<endpoint address="https://localhost/User.svc" behaviorConfiguration="clientCertificateConf"
binding="wsHttpBinding" bindingConfiguration="CertificateWithTransport"
contract="UserServerReference.IUserService" name="UserService.wsHttp" />
<endpoint address="https://localhost/PickListItem.svc" behaviorConfiguration="clientCertificateConf"
binding="wsHttpBinding" bindingConfiguration="CertificateWithTransport"
contract="PickListItemServerReference.IPickListItemService"
name="PickListItemService.wsHttp" />
<endpoint address="https://localhost/Prospect.svc" behaviorConfiguration="clientCertificateConf"
binding="wsHttpBinding" bindingConfiguration="CertificateWithTransport"
contract="ProspectServiceReference.IProspectService" name="ProspectService.wsHttp" />
<endpoint address="https://localhost/ActivityLead.svc" behaviorConfiguration="clientCertificateConf"
binding="wsHttpBinding" bindingConfiguration="CertificateWithTransport"
contract="ActivityLeadServiceReference.IActivityLeadService"
name="ActivityLeadService.wsHttp" />
<endpoint address="https://localhost/ActivityReferral.svc" behaviorConfiguration="clientCertificateConf"
binding="wsHttpBinding" bindingConfiguration="CertificateWithTransport"
contract="ActivityReferralServiceReference.IActivityReferralService"
name="ActivityReferralService.wsHttp" />
<endpoint address="https://localhost/Referral.svc" behaviorConfiguration="clientCertificateConf"
binding="wsHttpBinding" bindingConfiguration="CertificateWithTransport"
contract="ReferralServiceReference.IReferralService" name="ReferralService.wsHttp" />
<endpoint address="https://localhost/LeadService.svc" behaviorConfiguration="clientCertificateConf"
binding="wsHttpBinding" bindingConfiguration="LeadService.wsHttp"
contract="LeadServerReference.ILeadService" name="LeadService.wsHttp" />
</client>
</system.serviceModel>
</configuration>
任何帮助将不胜感激!