1
我试图通过ClientCredentialType设置为'None'来实现具有压缩和消息安全性的自定义WS绑定。该服务已配置并正在成功运行。我也设法配置客户端并成功运行它。但是,我需要以编程方式设置客户端,所以当我尝试将客户端配置转换为代码时,出现错误'未为目标'xxx'提供服务证书。在ClientCredentials中指定一个服务证书。' 我正在使用自动生成的代理客户端,并且我遵循了建议来覆盖客户端构造函数,并直接在ClientCredentials或客户端端点行为中指定服务证书CertificateValidationMode,但仍然没有运气。自定义WS绑定错误:未为目标'xxx'提供服务证书。在ClientCredentials中指定服务证书
我希望在解决这个问题上有任何帮助。作为参考,我在下面包括配置和它的代码翻译。
客户机配置:
<system.serviceModel>
<bindings>
<customBinding>
<binding name="customWSBinding" sendTimeout="00:15:00">
<security authenticationMode="SecureConversation" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
<secureConversationBootstrap authenticationMode="AnonymousForSslNegotiated" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" />
</security>
<gzipMessageEncoding innerMessageEncoding="textMessageEncoding"/>
<httpTransport hostNameComparisonMode="StrongWildcard" manualAddressing="False"
maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" maxBufferPoolSize="2147483647"
authenticationScheme="Anonymous" bypassProxyOnLocal="False" realm="" useDefaultWebProxy="True"/>
</binding>
</customBinding>
</bindings>
<client>
<endpoint address=""
binding="customBinding"
bindingConfiguration="customWSBinding"
behaviorConfiguration="ClientBehavior"
contract="IService"
name="ServiceEndpoint">
<identity>
<dns value="contoso.com"/>
</identity>
</endpoint>
</client>
<behaviors>
<endpointBehaviors>
<behavior name="ClientBehavior">
<clientCredentials>
<serviceCertificate>
<authentication certificateValidationMode="None"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
等效代码:
SecurityBindingElement securityElement = SecurityBindingElement.CreateSecureConversationBindingElement(SecurityBindingElement.CreateAnonymousForCertificateBindingElement());
securityElement.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
GZipMessageEncodingBindingElement encodingElement = new GZipMessageEncodingBindingElement();
TextMessageEncodingBindingElement txtMsgBE = new TextMessageEncodingBindingElement();
encodingElement.InnerMessageEncodingBindingElement = txtMsgBE;
HttpTransportBindingElement httpTransportElement = new HttpTransportBindingElement();
httpTransportElement.HostNameComparisonMode = HostNameComparisonMode.StrongWildcard;
httpTransportElement.ManualAddressing = false;
httpTransportElement.MaxReceivedMessageSize = Int32.MaxValue;
httpTransportElement.MaxBufferSize = Int32.MaxValue;
httpTransportElement.MaxBufferPoolSize = Int32.MaxValue;
httpTransportElement.AuthenticationScheme = AuthenticationSchemes.Anonymous;
httpTransportElement.BypassProxyOnLocal = false;
httpTransportElement.UseDefaultWebProxy = true;
System.ServiceModel.Channels.Binding binding = new CustomBinding(securityElement, encodingElement, httpTransportElement);
binding.SendTimeout = TimeSpan.FromMinutes(15);
EndpointAddress address = new EndpointAddress(new Uri(svcURL), EndpointIdentity.CreateDnsIdentity("contoso.com"));
ServiceClient svcClient = new ServiceClient(binding, address);
重写的代理客户端:
public ServiceClient(System.ServiceModel.Channels.Binding binding, System.ServiceModel.EndpointAddress remoteAddress)
:base (binding, remoteAddress)
{
System.ServiceModel.Description.ClientCredentials cc = new System.ServiceModel.Description.ClientCredentials();
cc.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;
base.Endpoint.Behaviors.RemoveAt(1);
base.Endpoint.Behaviors.Add(cc);
}
可能的重复http://stackoverflow.com/questions/4441072/the-service-certificate-is-not-provided-for-target-specify-a-service-certi – 2011-12-18 18:48:29