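WCF routing to an SSL-enabled service

Tags: wcf ssl routes

Situation

I have modified the WCF Router sample to remove things I'm not currently using, to support clientVia rather than a direct connection, and to support HTTP and HTTPS. When I use the router as an intermediary to an MLS-enabled service, everything works fine. When I use the router as an intermediary to a service with both TLS and MLS enabled, I fail to set up the secure conversation.

I am connecting to the router using HTTP and attempting to route to the SSL-enabled service using HTTPS. If I attempt to use TLS to the router, then the router must be on HTTPS .. and then I need the certificate to match, which is why I'm attempting to set up the Client ==(HTTP)==> Router ==(HTTPS)==> Service relationship.

The message sent to establish TLS in the direct-connection case (which works) is very different from the message sent to establish TLS when going through the router. It looks like the client is dictating what is sent, but shouldn't the client just send the MLS message, with the router establishing TLS and then sending the MLS message?

Code and config information follow, along with the resulting traffic (direct and through the router). Since there were no relevant changes to the RouterBindingElement class, I have removed it from the code below (to save space).

Any suggestions on how to get SSL working would be appreciated.

Code/Config

RouterBinding class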

public enum RouterTransport
{
    Http = 0,
    Tcp = 1,
    NamedPipe = 2,
    Https = 3
}

public enum MessageEncoding
{
    Text,
    Binary,
    Mtom,
}

public class RouterBinding : Binding, IBindingRuntimePreferences
{
    MessageEncoding messageEncoding;
    RouterTransport transport;

    HttpTransportBindingElement httpTransport;
    HttpsTransportBindingElement httpsTransport;
    TcpTransportBindingElement tcpTransport;
    NamedPipeTransportBindingElement namedPipeTransport;

    TextMessageEncodingBindingElement textEncoding;
    MtomMessageEncodingBindingElement mtomEncoding;
    BinaryMessageEncodingBindingElement binaryEncoding;

    public RouterBinding()
        : base()
    { 
        Initialize();
    }

    public RouterBinding(string configurationName)
        : this()
    { 
        ApplyConfiguration(configurationName);
    }

    public RouterBinding(RouterTransport transport)
        : this()
    {
        this.Transport = transport;

        if (transport == RouterTransport.NamedPipe || transport == RouterTransport.Tcp)
        {
            this.MessageEncoding = MessageEncoding.Binary;
        }
    }

    public RouterTransport Transport
    {
        get { return this.transport; }
        set
        {
            this.transport = value;
        }
    }

    public MessageEncoding MessageEncoding
    {
        get { return this.messageEncoding; }
        set
        {
            this.messageEncoding = value;
        }
    }

    public HostNameComparisonMode HostNameComparisonMode
    {
        get { return this.tcpTransport.HostNameComparisonMode; }
        set
        {
            this.tcpTransport.HostNameComparisonMode = value;
            this.namedPipeTransport.HostNameComparisonMode = value;
            this.httpTransport.HostNameComparisonMode = value;
            this.httpsTransport.HostNameComparisonMode = value;
        }
    }

    public int ListenBacklog
    {
        get { return this.tcpTransport.ListenBacklog; }
        set { this.tcpTransport.ListenBacklog = value; }
    }

    public long MaxBufferPoolSize
    {
        get { return this.tcpTransport.MaxBufferPoolSize; }
        set
        {
            this.tcpTransport.MaxBufferPoolSize = value;
            this.namedPipeTransport.MaxBufferPoolSize = value;
        }
    }

    public int MaxBufferSize
    {
        get { return this.tcpTransport.MaxBufferSize; }
        set
        {
            this.tcpTransport.MaxBufferSize = value;
            this.namedPipeTransport.MaxBufferSize = value;
        }
    }

    public int MaxConnections
    {
        get { return this.tcpTransport.ConnectionPoolSettings.MaxOutboundConnectionsPerEndpoint; }
        set
        {
            this.tcpTransport.MaxPendingConnections = value;
            this.namedPipeTransport.MaxPendingConnections = value;
            this.tcpTransport.ConnectionPoolSettings.MaxOutboundConnectionsPerEndpoint = value;
            this.namedPipeTransport.ConnectionPoolSettings.MaxOutboundConnectionsPerEndpoint = value;
        }
    }

    public long MaxReceivedMessageSize
    {
        get { return this.tcpTransport.MaxReceivedMessageSize; }
        set
        {
            this.tcpTransport.MaxReceivedMessageSize = value;
            this.namedPipeTransport.MaxReceivedMessageSize = value;
            this.httpTransport.MaxReceivedMessageSize = value;
            this.httpsTransport.MaxReceivedMessageSize = value;
        }
    }

    public bool PortSharingEnabled
    {
        get { return this.tcpTransport.PortSharingEnabled; }
        set { this.tcpTransport.PortSharingEnabled = value; }
    }

    public TransferMode TransferMode
    {
        get { return this.tcpTransport.TransferMode; }
        set
        {
            this.tcpTransport.TransferMode = value;
            this.namedPipeTransport.TransferMode = value;
            this.httpTransport.TransferMode = value;
            this.httpsTransport.TransferMode = value;
        }
    }

    bool IBindingRuntimePreferences.ReceiveSynchronously
    {
        get { return false; }
    }

    public override string Scheme
    {
        get { return this.TransportElement.Scheme; }
    }

    void Initialize()
    {
        this.httpTransport = new HttpTransportBindingElement();
        this.httpsTransport = new HttpsTransportBindingElement();
        this.tcpTransport = new TcpTransportBindingElement();
        this.namedPipeTransport = new NamedPipeTransportBindingElement();

        this.textEncoding = new TextMessageEncodingBindingElement();
        this.mtomEncoding = new MtomMessageEncodingBindingElement();
        this.binaryEncoding = new BinaryMessageEncodingBindingElement();

        this.httpTransport.ManualAddressing = true;
        this.httpsTransport.ManualAddressing = true;
        this.tcpTransport.ManualAddressing = true;
        this.namedPipeTransport.ManualAddressing = true;

        this.transport = RouterTransport.Http;
        this.messageEncoding = MessageEncoding.Text;
    }

    void ApplyConfiguration(string configurationName)
    {
        RouterBindingCollectionElement bindingCollectionElement = RouterBindingCollectionElement.GetBindingCollectionElement();
        RouterBindingElement element = bindingCollectionElement.Bindings[configurationName];

        if (element == null)
        {
            throw new ConfigurationErrorsException(string.Format("ConfigInvalidBindingConfigurationName", configurationName, bindingCollectionElement.BindingName));
        }
        else
        {
            element.ApplyConfiguration(this);
        }
    }

    TransportBindingElement TransportElement
    {
        get
        {
            switch (this.transport)
            {
                case RouterTransport.Http:
                    return this.httpTransport;

                case RouterTransport.Https:
                    return this.httpsTransport;

                case RouterTransport.Tcp:
                    return this.tcpTransport;

                case RouterTransport.NamedPipe:
                    return this.namedPipeTransport;
            }

            return null;
        }
    }

    MessageEncodingBindingElement EncodingElement
    {
        get
        {
            switch (this.messageEncoding)
            {
                case MessageEncoding.Text:
                    return this.textEncoding;

                case MessageEncoding.Mtom:
                    return this.mtomEncoding;

                case MessageEncoding.Binary:
                    return this.binaryEncoding;
            }

            return null;
        }
    }

    public override BindingElementCollection CreateBindingElements()
    {
        BindingElementCollection elements = new BindingElementCollection();
        elements.Add(this.EncodingElement);
        elements.Add(this.TransportElement);

        return elements;
    }
}

public partial class RouterBindingCollectionElement : StandardBindingCollectionElement<RouterBinding, RouterBindingElement>
{
    // Removed for space
}

Router class

class SoapRouterExtension : IExtension<ServiceHostBase>
{
    IDictionary<string, Binding> bindings = new Dictionary<string, Binding>(2);

    public SoapRouterExtension()
    {
        this.bindings.Add("http", new RouterBinding("HttpTextSoap12RouterBinding"));
        this.bindings.Add("https", new RouterBinding("HttpsTextSoap12RouterBinding"));
    }

    public IDictionary<string, Binding> Bindings
    {
        get { return this.bindings; }
    }

    public void Attach(ServiceHostBase owner)
    { }

    public void Detach(ServiceHostBase owner)
    { }
}

sealed class SoapRouterServiceBehavior : Attribute, IServiceBehavior
{
    void IServiceBehavior.Validate(ServiceDescription description, ServiceHostBase serviceHostBase)
    { }

    void IServiceBehavior.AddBindingParameters(ServiceDescription description, ServiceHostBase serviceHostBase, Collection<ServiceEndpoint> endpoints, BindingParameterCollection parameters)
    { }

    void IServiceBehavior.ApplyDispatchBehavior(ServiceDescription description, ServiceHostBase serviceHostBase)
    {
        SoapRouterExtension extension = new SoapRouterExtension();
        serviceHostBase.Extensions.Add(extension);
    }
}

[SoapRouterServiceBehavior]
[ServiceBehavior(InstanceContextMode = InstanceContextMode.PerCall, ConcurrencyMode = ConcurrencyMode.Multiple, ValidateMustUnderstand = false, AddressFilterMode = AddressFilterMode.Any)]
public sealed class SoapRouter : IRequestReplyDatagramRouter, IDisposable
{
    SoapRouterExtension extension;

    public SoapRouter()
    {
        ServiceHostBase host = OperationContext.Current.Host;
        this.extension = host.Extensions.Find<SoapRouterExtension>();
    }

    #region SoapIntermediary Request-Reply Datagram
    Message IRequestReplyDatagramRouter.ProcessMessage(Message message)
    {
        EndpointAddress to = new EndpointAddress(message.Headers.To.AbsoluteUri);
        IRequestReplyDatagramRouter forwardingChannel = null;
        try
        {
            ChannelFactory<IRequestReplyDatagramRouter> factory = new ChannelFactory<IRequestReplyDatagramRouter>(this.extension.Bindings[to.Uri.Scheme], to);
            factory.Endpoint.Behaviors.Add(new MustUnderstandBehavior(false));
            forwardingChannel = factory.CreateChannel();

            Console.WriteLine("Forwarding request " + message.Headers.Action + "...");
            Message response = forwardingChannel.ProcessMessage(message);

            Console.WriteLine("Forwarding response " + response.Headers.Action + "...");
            return response;
        }
        finally
        {
            if (forwardingChannel != null)
            {
                IClientChannel channel = forwardingChannel as IClientChannel;
                if (channel.State == CommunicationState.Faulted)
                    channel.Abort();
                else
                    channel.Close();
            }
        }
    }
    #endregion

    void IDisposable.Dispose()
    {

    }
}

public class ServiceDriver
{
    public static void Main(string[] args)
    {
        ServiceHost serviceHost = new ServiceHost(typeof(SoapRouter));
        serviceHost.Open();

        Console.ReadLine();
    }
}

Service bindings

The configuration of the HTTPS binding is for the outgoing TLS connection.

  <routerBinding>
    <binding name="HttpTextSoap12RouterBinding"
             transport="Http"
             messageEncoding="Text"
             messageVersion="Soap12WSAddressing10"
             closeTimeout="01:00:00"
             openTimeout="01:00:00"
             receiveTimeout="01:00:00"
             sendTimeout="01:00:00">
    </binding>
    <binding name="HttpsTextSoap12RouterBinding"
             transport="Https"
             messageEncoding="Text"
             messageVersion="Soap12WSAddressing10"
             closeTimeout="01:00:00"
             openTimeout="01:00:00"
             receiveTimeout="01:00:00"
             sendTimeout="01:00:00">
    </binding>
  </routerBinding>

Traffic

Places that I have enclosed in {} have been modified, but the overall meaning is unchanged.

Direct connect

CONNECT {provider.com:443} HTTP/1.1
Host: {provider.com}
Proxy-Connection: Keep-Alive

Direct TLS establishment

POST {https://provider.com/service.svc} HTTP/1.1
Content-Type: application/soap+xml; charset=utf-8
Host: {provider.com}
Content-Length: 4379
Expect: 100-continue
Connection: Keep-Alive

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <s:Header>
    <a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT</a:Action>
    <a:MessageID>urn:uuid:cfd9ec29-5e55-4154-8737-69f9b8b8bbb7</a:MessageID>
    <a:ReplyTo>
      <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
    </a:ReplyTo>
    <a:To s:mustUnderstand="1" u:Id="_1">{https://provider.com/service.svc}</a:To>
    <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <u:Timestamp u:Id="_0">
        <u:Created>2011-03-04T14:06:27.993Z</u:Created>
        <u:Expires>2011-03-04T14:11:27.993Z</u:Expires>
      </u:Timestamp>
      <o:BinarySecurityToken u:Id="uuid-526477b6-8ed4-4873-bba5-7997589cd63c-1" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">{...}</o:BinarySecurityToken>
      <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
        <SignedInfo>
          <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
          <Reference URI="#_0">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <DigestValue>{aepZFE9EXqlXmuAf3RwcA6vXThQ=}</DigestValue>
          </Reference>
          <Reference URI="#_1">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <DigestValue>{G9/ctKlSyWbRU78aQSLZmEbgdPw=}</DigestValue>
          </Reference>
        </SignedInfo>
        <SignatureValue>{JAGbae324PdpRWOaIzihZygSAQVm3CJfOWbP6gsc0UJAGbae324PmYyqYMsgIMuCAlSHIj4yrEfbEL2XHt/nWlBfF0FgfhyqgcsEhc5vHR4kSmS7uKEoOZg8iMSDTGgk86YN5Z+UdB9ysIwe7KpxqrPmJAGbae324PdW8E2GWzY=}</SignatureValue>
        <KeyInfo>
          <o:SecurityTokenReference>
            <o:Reference ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" URI="#uuid-526477b6-8ed4-4873-bba5-7997589cd63c-1"/>
          </o:SecurityTokenReference>
        </KeyInfo>
      </Signature>
    </o:Security>
  </s:Header>
  <s:Body>
    <t:RequestSecurityToken xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
      <t:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct</t:TokenType>
      <t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType>
      <t:Entropy>
        <t:BinarySecret u:Id="uuid-18de0e52-6a66-442a-8b18-41e4037b5139-1" Type="http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce">{gjBI9ZhnJzJAGbae324P+APERNf9gqoJAGbae324PCA=}</t:BinarySecret>
      </t:Entropy>
      <t:KeySize>256</t:KeySize>
    </t:RequestSecurityToken>
  </s:Body>
</s:Envelope>

Client message

POST http://localhost.:8000/services/soap12/text HTTP/1.1
Content-Type: application/soap+xml; charset=utf-8
Host: localhost.:8000
Content-Length: 1146
Expect: 100-continue
Connection: Keep-Alive

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing">
  <s:Header>
    <a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action>
    <a:MessageID>urn:uuid:1f5e02f6-ce41-4b66-a3a8-eb4014d5d1cb</a:MessageID>
    <a:ReplyTo>
      <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
    </a:ReplyTo>
    <a:To s:mustUnderstand="1">{https://provider.com/service.svc}</a:To>
  </s:Header>
  <s:Body>
    <t:RequestSecurityToken Context="uuid-ffc85f7f-3ffa-4bc7-9174-5ab16948ec78-1" xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
      <t:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct</t:TokenType>
      <t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType>
      <t:KeySize>256</t:KeySize>
      <t:BinaryExchange ValueType=" http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">{FgMBAEgBAABEAwFNcPIXogDSsEJYhXyu/adf4eFAe436TWvHqqv6ZN+FSQAAFgAEAAUACgAJAGbae324PYAEwASAGMBAAAF/wEAAQA=}</t:BinaryExchange>
    </t:RequestSecurityToken>
  </s:Body>
</s:Envelope>

Router connect

CONNECT {provider.com:443} HTTP/1.1
Host: {provider.com}
Proxy-Connection: Keep-Alive

Router TLS establishment

POST {https://provider.com/service.svc} HTTP/1.1
Content-Type: application/soap+xml; charset=utf-8
VsDebuggerCausalityData: uIDPoxyyRVZOBT9HmFHghQdaliEAAAAAAdkPtiI0y021hKG+IPwkNqyhfujS37tMnxoFJUL1/zoACQAA
Host: {provider.com}
Content-Length: 1146
Expect: 100-continue
Connection: Keep-Alive

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing">
  <s:Header>
    <a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action>
    <a:MessageID>urn:uuid:1f5e02f6-ce41-4b66-a3a8-eb4014d5d1cb</a:MessageID>
    <a:ReplyTo>
      <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
    </a:ReplyTo>
    <a:To s:mustUnderstand="1">{https://provider.com/service.svc}</a:To>
  </s:Header>
  <s:Body>
    <t:RequestSecurityToken Context="uuid-ffc85f7f-3ffa-4bc7-9174-5ab16948ec78-1" xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
      <t:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct</t:TokenType>
      <t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType>
      <t:KeySize>256</t:KeySize>
      <t:BinaryExchange ValueType=" http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">{FgMBAEgBAABEAMIIEhzCCA/CgAwIBAgIQadf4eFAe436TWvHqqv6ZN+FSQAAFgAEAAUACgAJAGbae324PYAEwASAGMBAAAF/wEAAQA=}</t:BinaryExchange>
    </t:RequestSecurityToken>
  </s:Body>
</s:Envelope>

Error

Secure channel cannot be opened because security negotiation with the remote endpoint has failed. This may be due to absent or incorrectly specified EndpointIdentity in the EndpointAddress used to create the channel. Please verify the EndpointIdentity specified or implied by the EndpointAddress correctly identifies the remote endpoint.
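The two request shapes captured above can be told apart mechanically. The following is an added example, not code from the original post: it classifies a WS-Trust RequestSecurityToken as either an X.509 token in the security header (the direct capture) or a tlsnego BinaryExchange in the body (the client and router captures), and decodes the TLS record header carried in the latter. The function names, the host service.example and the sample record are constructed for illustration.

```python
import base64
import struct
import xml.etree.ElementTree as ET

NS = {
    "s": "http://www.w3.org/2003/05/soap-envelope",
    "a": "http://www.w3.org/2005/08/addressing",
    "t": "http://schemas.xmlsoap.org/ws/2005/02/trust",
    "o": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
}
TLSNEGO = "http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego"
TLS_VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}
HANDSHAKE_TYPES = {1: "ClientHello", 2: "ServerHello", 11: "Certificate"}


def tls_record_summary(blob):
    """Decode the 5-byte TLS record header and the handshake type that follows."""
    if len(blob) < 6:
        raise ValueError("too short to be a TLS record")
    content_type, version, length = struct.unpack(">BHH", blob[:5])
    is_handshake = content_type == 0x16
    return {
        "is_handshake": is_handshake,
        "version": TLS_VERSIONS.get(version, hex(version)),
        "declared_length": length,
        "complete": len(blob) - 5 >= length,
        "handshake": HANDSHAKE_TYPES.get(blob[5], "other") if is_handshake else None,
    }


def classify_rst(soap_xml):
    """Report how a WS-Trust RequestSecurityToken message bootstraps security."""
    root = ET.fromstring(soap_xml)
    result = {"action": root.findtext("s:Header/a:Action", namespaces=NS),
              "to": root.findtext("s:Header/a:To", namespaces=NS),
              "mode": "unknown", "tls": None}
    exchange = root.find("s:Body/t:RequestSecurityToken/t:BinaryExchange", NS)
    if exchange is not None and exchange.get("ValueType", "").strip() == TLSNEGO:
        # strip(): the captures above carry a leading space in ValueType
        result["mode"] = "tlsnego-in-soap"
        result["tls"] = tls_record_summary(base64.b64decode(exchange.text.strip()))
    elif root.find("s:Header/o:Security/o:BinarySecurityToken", NS) is not None:
        result["mode"] = "x509-token-in-header"
    return result


# Constructed sample: a minimal handshake record, not a capture from the page.
SAMPLE_RECORD = bytes([0x16, 0x03, 0x01, 0x00, 0x06, 0x01, 0x00, 0x00, 0x02, 0x03, 0x01])
SAMPLE_RST = f"""<s:Envelope xmlns:s="{NS['s']}" xmlns:a="{NS['a']}">
  <s:Header>
    <a:Action>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action>
    <a:To>https://service.example/service.svc</a:To>
  </s:Header>
  <s:Body>
    <t:RequestSecurityToken xmlns:t="{NS['t']}">
      <t:BinaryExchange ValueType=" {TLSNEGO}">{base64.b64encode(SAMPLE_RECORD).decode()}</t:BinaryExchange>
    </t:RequestSecurityToken>
  </s:Body>
</s:Envelope>"""
```

Calling `classify_rst(SAMPLE_RST)` reports `tlsnego-in-soap` with a TLS 1.0 ClientHello, which shows that the handshake bytes originate at whoever built the SOAP body rather than at the hop that opened the HTTPS connection.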

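Best answer

We had a very similar scenario, except that we used the default basicHttpBindings rather than custom ones with configuration. Nonetheless, it is still bridging protocols from HTTP to HTTPS.

One thing that is not obvious is where your client configuration is. The client service is specifying a security mode of Transport, and so should the router. Here is our router configuration, albeit simple.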

    <services>
        <service name="System.ServiceModel.Routing.RoutingService" behaviorConfiguration="RoutingServiceBehaviour">
            <endpoint
                address=""
                binding="basicHttpBinding"
                name="reqReplyEndpoint"
                contract="System.ServiceModel.Routing.IRequestReplyRouter"/>
        </service>
    </services>

Our client configuration:

    <client>
        <endpoint
            address="https://localhost/Service.svc"
            binding="basicHttpBinding"
            bindingConfiguration="SecureHttpBinding"
            contract="*"
            name="ServiceClientEndpoint"/>      
    </client>

The SecureHttpBinding is specified by the client:

    <bindings>
        <basicHttpBinding>
            <binding name="SecureHttpBinding">
                <security mode="Transport">
                    <transport clientCredentialType="None"/>
                </security>
            </binding>
        </basicHttpBinding>
    </bindings>

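Our routing table determines the service to call based on the criteria set in the filters.

Also, if you are using self-signed certificates in your development environment, make sure they are properly registered. If you are using two different machines, you will have to export the service certificate to the router service machine. In that case, your self-signed certificate will need to be registered with the machine name instead of localhost.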

HTH.

A similar question about WCF routing to an SSL-enabled service was found on Stack Overflow: https://stackoverflow.com/questions/5195816/