WCF：客户端相互证书身份验证问题（无法为具有权限的 SSL/TLS 建立安全通道）

发布于 2024-11-16 07:27:12 字数 682 浏览 2 评论 0原文

我已经对我的问题进行了彻底的研究，并阅读了许多其他帖子/博客，但他们的解决方案并没有解决我的问题。我希望有人能提供帮助。

我有一个非常简单的 WCF 服务，它使用 WsHttpBinding 传输安全性和相互证书身份验证。服务器证书是自签名证书，我已确认我在客户端计算机上的受信任存储中拥有该证书。服务器在受信任的证书存储中拥有客户端证书（也是自签名的），并且我已经验证可以使用 SOAPUI 客户端对服务进行相互验证。

但是，我无法使用我创建的 WCF 客户端来执行此操作。在 WCF 客户端上，我通过调用通道工厂的 Credentials.ClientCertificate.SetCertificate(...) 方法来设置客户端证书，并且还添加了

ServicePointManager.ServerCertificateValidationCallback +=
            ( sender,
              certificate,
              chain,
              sslPolicyErrors ) => true;

绕过所有可能的服务器证书问题的方法，但我总是得到：无法建立安全与权威 server.com 建立 SSL/TLS 通道。

有人可以向我建议可能是什么问题和/或我应该做什么才能使其正常工作吗？任何帮助表示赞赏。

谢谢。

原文

I've done thorough research on my problem and have read many other posts/blogs but their solutions didn't solve mine. I was hoping someone could help.

I have a very simple WCF service that uses WsHttpBinding Transport Security with Mutual Certificate Authentication. The server certificate is self-signed certificate and I have confirmed I have the certificate in the trusted store on the client machine. The server has the client certificate (also self-signed) in the trusted certificate store and I have already verified that I can mutually-authenticate to the service fine using SOAPUI client.

However, I'm not able to do so using the WCF client I created. On the WCF client, I've set the client certificate by calling the channel factory's Credentials.ClientCertificate.SetCertificate(...) method and I've also added

ServicePointManager.ServerCertificateValidationCallback +=
            ( sender,
              certificate,
              chain,
              sslPolicyErrors ) => true;

to bypass all possible server certificate problems but I always get: Could not establish secure channel for SSL/TLS with authority server.com.

Can someone please suggest to me what might be the problem and/or what I should do to get this working? Any help is appreciated.

Thanks.

分享到QQ

分享到微博