小编fan*_*bob的帖子

我正在尝试创建一个安全的Web服务.

这是合同和服务实施

[ServiceContract()]
public interface ICalculatorService
{
    [OperationContract()]
    int Add(int x, int y);
}

[ServiceBehavior(IncludeExceptionDetailInFaults=true)]
public class CalculatorService : ICalculatorService
{
    public int Add(int x, int y)
    {
        return x + y;
    }
}

这里我有服务代码

var b = new WSHttpBinding(SecurityMode.Transport);
b.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
b.Security.Message.ClientCredentialType = MessageCredentialType.None;

Type contractType = typeof(ICalculatorService);
Type implementedContract = typeof(CalculatorService);
Uri baseAddress = new Uri("https://localhost:8006/CalculatorService");
ServiceHost sh = new ServiceHost(implementedContract);

sh.AddServiceEndpoint(contractType, b, baseAddress);

//ServiceMetadataBehavior sm = new ServiceMetadataBehavior();
//sm.HttpsGetEnabled = true;
//sm.HttpsGetUrl = new Uri("https://localhost:8006/CalculatorServiceMex");
//sh.Description.Behaviors.Add(sm); …

我正在尝试创建一个使用 x509 证书进行客户端/服务器身份验证的 http 侦听器。

我的服务器代码如下。

_listener = new HttpListener();
_listener.Prefixes.Add("https://localhost:8006/");
_listener.Start();
HttpListenerContext context = _listener.GetContext();

我的客户端代码如下

string url = "https://localhost:8006/";
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
var store = new X509Store(StoreName.TrustedPeople, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
var cert = store.Certificates.Find(X509FindType.FindBySubjectName, "localhost", true);
request.ClientCertificates.Add((X509Certificate)cert[0]);
ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, policyErrs) =>
   {
       return policyErrs == System.Net.Security.SslPolicyErrors.None;
   };
HttpWebResponse response = (HttpWebResponse)request.GetResponse();

我相信我已经正确配置了一切。没有证书策略错误，我已将 ssl 证书绑定到端口，并且不需要提升权限来运行侦听器。

如果我在代码中或通过 Chrome 发出网络请求，则会收到此错误。我在这里做错了什么？