您的位置: 首页  >  技术问答  >  WCF:未提供服务证书。在ServiceCredentials中指定服务证书

WCF:未提供服务证书。在ServiceCredentials中指定服务证书

分类: 技术问答 2022-09-20 00:01:22
问题描述:

我试图创建一个使用MembershipProvider进行验证的WCF服务。由于这是一项内部服务,我目前对应用传输级别安全(HTTPS)并不感兴趣,并且我想(现在)在没有证书的情况下执行此操作。此外,这将使推出该服务变得复杂,我希望在稍后时间这样做。我已经建立了一个基本配置(甚至没有配置MembershipProvider,但WCF不断抛出我下面的例外:WCF:未提供服务证书。在ServiceCredentials中指定服务证书

未提供服务证书指定ServiceCredentials服务证书

。下面是我的配置:

<system.serviceModel> 
    <bindings> 
    <ws2007HttpBinding> 
     <binding name="Service1WS2007HttpBindingConfig"> 
     <security mode="Message"> 
      <transport clientCredentialType="None" /> 
      <message clientCredentialType="UserName" /> 
     </security> 
     </binding> 
    </ws2007HttpBinding> 
    </bindings> 
    <services> 
    <service name="WcfService1.Service1"> 
     <endpoint address="http://localhost:9800/Service1.svc" 
     binding="ws2007HttpBinding" 
     bindingConfiguration="Service1WS2007HttpBindingConfig" 
     contract="WcfService1.IService1" /> 
    </service> 
    </services> 
    <behaviors> 
    <serviceBehaviors> 
     <behavior name=""> 
     <serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" /> 
     <serviceDebug includeExceptionDetailInFaults="false" /> 
     </behavior> 
    </serviceBehaviors> 
    </behaviors> 
    <serviceHostingEnvironment multipleSiteBindingsEnabled="false"> 
    <serviceActivations> 
     <add relativeAddress="Service1.svc" service="WcfService1.Service1" /> 
    </serviceActivations> 
    </serviceHostingEnvironment> 
</system.serviceModel>

堆栈跟踪的异常:

[InvalidOperationException:未提供服务证书。 在ServiceCredentials中指定服务证书。 ]
System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateServerX509TokenProvider() 12382737 System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateLocalSecurityTokenProvider(RecipientServiceModelSecurityTokenRequirement recipientRequirement)63
System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateSecurityTokenProvider(SecurityTokenRequirement 要求)+ 48
System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateTlsnegoServerX509TokenProvider(RecipientServiceModelSecurityTokenRequirement recipientRequirement)191
System.ServiceModel.Securit y.ServiceCredentialsSecurityTokenManager.CreateTlsnegoSecurityTokenAuthenticator(RecipientServiceModelSecurityTokenRequirement recipientRequirement,布尔requireClientCertificate, SecurityTokenResolver & sctResolver)683
System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateSecurityTokenAuthenticator(SecurityTokenRequirement tokenRequirement,SecurityTokenResolver & outOfBandTokenResolver) 12383208 System.ServiceModel.Security.SessionRenewSecurityTokenManager .CreateSecurityTokenAuthenticator(SecurityTokenRequirement tokenRequirement,SecurityTokenResolver & outOfBandTokenResolver)+81
System.S erviceModel.Security.SymmetricSecurityProtocolFactory.OnOpen(时间跨度 超时)181
System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(时间跨度 超时)21
System.ServiceModel.Channels.CommunicationObject.Open(时间跨度 超时)318
System.ServiceModel.Security.SecurityListenerSettingsLifetimeManager.Open(时间跨度 超时)94
System.ServiceModel.Channels.SecurityChannelListener`1.OnOpen(时间跨度 超时)240
System.ServiceModel.Channels.CommunicationObject.Open( TimeSpan timeo ut)+318
System.ServiceModel.Dispatcher.ChannelDispatcher。的OnOpen(时间跨度 超时)72

[InvalidOperationException异常:所述ChannelDispatcher在 的 'http://本地主机:9800/Service1.svc' 与合同(S) ' “IssueAndRenewSession”' 是不能打开其IChannelListener。 ]
System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(时间跨度 超时)118
System.ServiceModel.Channels.CommunicationObject.Open(时间跨度 超时)318 System.ServiceModel.ServiceHostBase.OnOpen(时间跨度 超时)+ 111
System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan 超时)318
System.ServiceModel.Security.SecuritySessionSecurityTokenAuthenticator.OnOpen(时间跨度 超时)131
System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(时间跨度 超时)21
System.ServiceModel.Channels.CommunicationObject 。开(时间跨度 超时)318
System.ServiceModel.Security.CommunicationObjectSecurityTokenAuthenticator.Open(时间跨度 超时)20
System.ServiceModel.Security.SecuritySessionServerSettings.OnOpen(时间跨度 超时)792
System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(时间跨度 超时)21
System.ServiceModel.Channels.CommunicationObject.Open(时间跨度 超时)318
System.ServiceModel.Security.SecurityListenerSettingsLifetimeManager.Open(时间跨度 超时)148
System.ServiceModel.Channels.SecurityChannelListener`1.OnOpen(时间跨度 超时)240
System.ServiceModel.Channels.CommunicationObject.Open(时间跨度 超时)318
System.ServiceModel.Dispatcher.ChannelDispatcher .OnOpen(TimeSpan 超时)72

[InvalidOperationException异常:在 '://本地主机:HTTP 9800/Service1.svc' 的ChannelDispatcher合同(S) ' “IService1”' 是 无法打开其IChannelListener。]
System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(时间跨度 超时)118
System.ServiceModel.Channels.CommunicationObject.Open(时间跨度 超时)318 System.ServiceModel.ServiceHostBase.OnOpen(时间跨度 超时)111
System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan 超时)+318
System.ServiceModel.HostingManager.ActivateService(字符串 normalizedVirtualPath)206
System.ServiceModel.HostingManager.EnsureServiceAvailable(字符串 normalizedVirtualPath)651

[ServiceActivationException: '/Service1.svc' 该服务不能是 由于编译期间的异常而被激活。例外 消息为:在 的ChannelDispatcher的 'http://本地主机:9800/Service1.svc' 与合同(S) ' “IService1”' 是 无法打开其IChannelListener ..
System.Runtime.AsyncResult 。端(IAsyncResult的结果)688590
System.ServiceModel.Activation.HostedHttpRequestAsyncResult.End(IAsyncResult的 结果)190个
System.ServiceModel.Activation.HostedHttpRequestAsyncResult.ExecuteSynchronous(HttpApplication的 上下文,字符串routeServiceVirtualPath,布尔flowContext,布尔 ensureWFService )234
System.ServiceModel.Activation.HttpModule.ProcessRequest(对象 发件人,EventArgs的)359
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() 148的System.Web。 HttpApplication.ExecuteStep(IExecutionStep步骤,布尔型& comp leted Synchronous)+75

我的配置有什么问题,我该如何解决这个问题?

+0

[This blog post](http://webservices20.blogspot.nl/2008/11/introducing-wcf-clearusernamebinding.html)给出了答案。 – 2012-08-17 07:39:58

+0

请参阅http://webservices20.blogspot.nl/2008/11/introducing-wcf-clearusernamebinding.html – Steven 2012-08-17 12:13:36

+0

我猜你不想完全禁用安全性(当然是暂时的)?如果你这样做,你可以禁用你的wshttp绑定的消息安全性,如下所示:'' – 2016-12-08 01:16:15

您需要使用证书签署服务。您可以通过将下面的配置做到这一点:

<serviceBehaviors> 
    <behavior name=""> 
     <serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" /> 
     <serviceDebug includeExceptionDetailInFaults="false" /> 

     *<serviceCredentials> 
      <serviceCertificate findValue="certificatename" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" /> 
     </serviceCredentials>* 
    </behavior> 
</serviceBehaviors>

其中certificateName是证书的名称。要创建一个证书,你可以看看这里: Create a self signed certificate

+1

因为它是一个内部服务,所以我目前对应用传输级安全性不感兴趣,想要创建证书,因为这会使服务推出变得复杂。我可以在没有证书的情况下配置吗? – 2012-03-07 10:57:12

+1

不幸的是,您必须创建一个证书,即使是内部测试。您可以创建自己的根级证书颁发机构证书,然后使用它为您的服务颁发第二个证书。两者都需要安装在你推出的每台服务器上。 – 79E09796 2012-03-07 15:24:11

+0

即使存在此证书,我仍然会收到此错误。是什么赋予了? – ashes999 2012-06-20 19:30:23

相关推荐