当我访问我的网络服务 localhost/MyService/MyService.svc 时出现以下错误
The SSL settings for the service 'SslRequireCert' does not match those of the IIS 'Ssl, SslNegotiateCert'.
我遵循了 http://msdn.microsoft.com/en-us/library/ms731074.aspx 中指定的 web.config 示例
这是我的 wcf 服务器 web.config:
<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<appSettings />
<system.web>
<identity impersonate="false" />
<roleManager enabled="true" />
<authentication mode="Windows" />
<customErrors mode="Off" />
<webServices>
<protocols>
<add name="HttpGet" />
<add name="HttpPost" />
</protocols>
</webServices>
</system.web>
<system.webServer>
<directoryBrowse enabled="true" />
<validation validateIntegratedModeConfiguration="false" />
<security>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" users="*" roles="" />
</authorization>
</security>
</system.webServer>
<system.serviceModel>
<services>
<service name="AspNetSqlProviderService" behaviorConfiguration="MyServiceBehavior">
<endpoint binding="wsHttpBinding" contract="Interface1" bindingConfiguration="CertificateWithTransportWSHttpBinding" />
<endpoint binding="wsHttpBinding" contract="Interface2" bindingConfiguration="CertificateWithTransportWSHttpBinding" />
<endpoint address="mex" binding="wsHttpBinding" bindingConfiguration="CertificateWithTransportWSHttpBinding" name="Metadata_Exchange" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="MyServiceBehavior">
<serviceDebug includeExceptionDetailInFaults="True" />
<serviceMetadata />
<serviceCredentials>
<clientCertificate>
<authentication trustedStoreLocation="LocalMachine"
revocationMode="Online"/>
</clientCertificate>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="CertificateWithTransportWSHttpBinding">
<security mode="Transport">
<transport clientCredentialType="Certificate" />
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>
</configuration>
我已按如下方式配置 IIS:
- 使用自签名证书添加 https 绑定(bind)
- 在 SSL 设置下,选中需要 SSL 并接受客户端证书
- 自签名证书已添加到本地计算机受信任的根 CA。
我可以浏览并执行 .asmx 服务定义,但是 .svc 给出了上述错误。
最佳答案
尝试注释掉您的 mex 端点。那应该让它工作
关于wcf - 使用证书身份验证的传输安全,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/4082951/