从 .Net Core 3.1 调用 WCF BasicBinding 服务
Calling WCF BasicBinding service from .Net Core 3.1
我在 IIS 上有一个 WCF SOAP 服务,它使用 basicHttpBinding 并配置为需要客户端证书:
<basicHttpBinding>
<binding>
<readerQuotas/>
<security mode="Transport">
<transport clientCredentialType="Certificate"></transport>
</security>
</binding>
</basicHttpBinding>
我必须从 .Net Core 3.1 应用程序调用该服务。这是我拥有的:
BasicHttpBinding binding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);
binding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.Certificate;
ChannelFactory<PaymentRequestService> factory = new ChannelFactory<PaymentRequestService>(binding, new EndpointAddress(new Uri(_apiOptions.Value.PaymentRequestServiceEndpoint)));
factory.Credentials.ClientCertificate.Certificate = GetClientCertificate(certBase64, certPass); // X509Certificate2
PaymentRequestService client = factory.CreateChannel();
var rx = client.SavePaymentRequestAsync(myRequest);
当我在调试中检查工厂时,我看到客户端凭证证书 (SHA256) 在那里,但是看起来客户端凭证没有到达 web 服务,因为我不断收到 HTTP 请求被客户端身份验证方案禁止 'Anonymous'
如果我使用 BasicHttpSecurityMode.TransportWithMessageCredential 或使用 factory.Credentials.ClientCertificate.SetCertificate()
设置证书都没有区别
有什么想法吗?
从 Windows Server 2012 开始,您需要在 HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL
中设置 SendTrustedIssuerList 和 ClientAuthTrustMode 注册表设置
我在 IIS 上有一个 WCF SOAP 服务,它使用 basicHttpBinding 并配置为需要客户端证书:
<basicHttpBinding>
<binding>
<readerQuotas/>
<security mode="Transport">
<transport clientCredentialType="Certificate"></transport>
</security>
</binding>
</basicHttpBinding>
我必须从 .Net Core 3.1 应用程序调用该服务。这是我拥有的:
BasicHttpBinding binding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);
binding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.Certificate;
ChannelFactory<PaymentRequestService> factory = new ChannelFactory<PaymentRequestService>(binding, new EndpointAddress(new Uri(_apiOptions.Value.PaymentRequestServiceEndpoint)));
factory.Credentials.ClientCertificate.Certificate = GetClientCertificate(certBase64, certPass); // X509Certificate2
PaymentRequestService client = factory.CreateChannel();
var rx = client.SavePaymentRequestAsync(myRequest);
当我在调试中检查工厂时,我看到客户端凭证证书 (SHA256) 在那里,但是看起来客户端凭证没有到达 web 服务,因为我不断收到 HTTP 请求被客户端身份验证方案禁止 'Anonymous'
如果我使用 BasicHttpSecurityMode.TransportWithMessageCredential 或使用 factory.Credentials.ClientCertificate.SetCertificate()
有什么想法吗?
从 Windows Server 2012 开始,您需要在 HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL
中设置SendTrustedIssuerList 和 ClientAuthTrustMode 注册表设置