我使用WSHttpBindings编写了一个自托管的WCF服务,我正在尝试使用我自己生成的证书来实现消息级安全性.不幸的是,我得到了一个隐藏的异常(通过服务跟踪查看器),说明"提供给包的凭据无法识别".
几个笔记:
我不确定我错过了什么.除了创建端点身份之外,大多数这些东西似乎都是直截了当的.无论是使用DnsEndpointIdentities,基于证书的,还是根本没有身份,它都会失败并显示相同的消息.
谁能指出我正确的方向?
服务器端:
var binding = new WSHttpBinding
{
Security =
{
Mode = SecurityMode.Message,
Message =
{
ClientCredentialType = MessageCredentialType.Certificate,
AlgorithmSuite = SecurityAlgorithmSuite.Basic256Sha256Rsa15
}
}
};
_host = new ServiceHost(this)
{
Credentials =
{
ServiceCertificate =
{
Certificate = ServiceCert
},
ClientCertificate =
{
Certificate = ClientCert,
Authentication =
{
TrustedStoreLocation = StoreLocation.LocalMachine,
RevocationMode = X509RevocationMode.NoCheck,
CertificateValidationMode = X509CertificateValidationMode.PeerOrChainTrust
}
}
}
};
var address = new Uri(string.Format(@"http://serviceaddress"));
var ep = _host.AddServiceEndpoint(typeof (IService), …