我目前正在使用wcf服務器,並且希望從文件/資源(而不是證書存儲區)加載我的證書以使部署更容易。任何想法如何做到這一點?selfhosting wcf服務器 - 從文件加載證書而不是證書存儲區
感謝您的幫助!
我目前正在使用wcf服務器,並且希望從文件/資源(而不是證書存儲區)加載我的證書以使部署更容易。任何想法如何做到這一點?selfhosting wcf服務器 - 從文件加載證書而不是證書存儲區
感謝您的幫助!
假設你正在使用雙工信道,你可以從文件加載證書如下:
//Load certificate file with private key
var certificate = new X509Certificate2("c:\certificate.pfx", "password");
//Configure your server by to use certificate, for example:
var host = new ServiceHost(typeof(YourService),
new Uri("Your service's uri"));
host.Credentials.ServiceCertificate.Certificate = certificate;
//configure your server to accept client's certificate , accept all
//certificate in this case, or you can assign it to the public key file
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode
= X509CertificateValidationMode.None;
在您的客戶端的代碼,加載證書與上面相同
//configure your client to use certificate
var channelFactory = new ChannelFactory<IYourService>();
channelFactory.Credentials.ClientCertificate.Certificate =
clientCertificate;
//configure your client to accept server's certificate,
//again, for simplicity, just accept any server's certificate
channelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode
= X509CertificateValidationMode.None;
我覺得你應該沒問題。請記住,如果從文件加載,則必須加載由pvk2pfx.exe生成的.pfx文件,它具有私鑰和公鑰。否則WCF會混淆到在哪裏查找私鑰。
下面的SO問題有詳細的代碼示例介紹瞭如何執行此操作,但是這可能無法在證書受密碼保護的情況下運行。
不錯。值得指出的是,安全模式必須是「傳輸」,並且傳輸clientCredentialType必須是「證書」。 – Anders 2015-12-10 15:50:18