文章出處

1.證書的制作

makecert.exe -sr LocalMachine -ss My -a sha1 -n CN=ParkingServer -sky exchange -pe
makecert.exe -sr LocalMachine -ss My -a sha1 -n CN=ParkingClient -sky exchange -pe

注意:證書制作完后還要對相應的證書讀取權限作配置。

WCF取用X.509證書,服務端和客戶端都要作相應的修改。

2.服務端的修改

behavior節點:

        <behavior name="CustomBehavior">
          <serviceMetadata httpGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceCredentials>
            <clientCertificate>
              <authentication certificateValidationMode="None" />
            </clientCertificate>
            <serviceCertificate findValue="ParkingServer" storeLocation="LocalMachine"
              storeName="My" x509FindType="FindBySubjectName" />
          </serviceCredentials>
        </behavior>

binding節點

      <wsHttpBinding>
        <binding name="CustomWsHttpBinding">
          <security mode="Message">
            <message clientCredentialType="Certificate"/>
          </security>
        </binding>
      </wsHttpBinding>

service節點

    <service  name="WcfService1.Service1" behaviorConfiguration="CustomBehavior">
        <endpoint address="" binding="wsHttpBinding" bindingConfiguration="CustomWsHttpBinding"
          contract="WcfService1.IService1">
          <identity>
            <dns value="ParkingServer" />
          </identity>
        </endpoint>
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
      </service>

3.客戶端的修改

client-endpoint節點

      <endpoint address="http://localhost:60909/Service2.svc" binding="basicHttpBinding" behaviorConfiguration="CustomBehavior2"
        bindingConfiguration="BasicHttpBinding_IService2" contract="ServiceReference2.IService2"
        name="BasicHttpBinding_IService2">
        <identity>
          <dns value="ParkingServer" />
        </identity>
      </endpoint>

bindings節點

      <basicHttpBinding>
        <binding name="BasicHttpBinding_IService2">
          <security mode="Message">
            <message clientCredentialType="Certificate" />
          </security>
        </binding>
      </basicHttpBinding>

behavior節點

behavior節點,wsHttpBindings和basicHttpBindings的綁定內容有所不同。basicHttpBindings多一個defaultCertificate的配置

basicHttpBindings

        <behavior name="CustomBehavior2">
          <clientCredentials>
            <clientCertificate findValue="zoesoft"
                                x509FindType="FindBySubjectName"
                                storeLocation="LocalMachine"
                                storeName="My"/>
            <serviceCertificate>
              <authentication certificateValidationMode="None"/>
              <defaultCertificate findValue="ParkingServer" storeName="My" storeLocation="LocalMachine" x509FindType="FindBySubjectName"/>
            </serviceCertificate>
          </clientCredentials>
        </behavior>

wsHttpBindings

        <behavior name="CustomBehavior">
          <clientCredentials>
            <clientCertificate findValue="zoesoft"
                                x509FindType="FindBySubjectName"
                                storeLocation="LocalMachine"
                                storeName="My"/>
            <serviceCertificate>
              <authentication certificateValidationMode="None"/>
            </serviceCertificate>
          </clientCredentials>
        </behavior>

 

參考:

WCF開發框架形成之旅--如何實現X509證書加密

Invoke WCF service from Java Client with Authentication (X.509 Certificate) Java 客戶端調用WCF服務 需要安全驗證

 


文章列表


不含病毒。www.avast.com
全站熱搜
創作者介紹
創作者 大師兄 的頭像
大師兄

IT工程師數位筆記本

大師兄 發表在 痞客邦 留言(0) 人氣()