WCF - security-Protokoll nicht überprüfen kann, wird die eingehende Nachricht.

Ich versuche zum erstellen einer WCF-Dienst-Zertifikat-Authentifizierung über SSL erstellen einer Business-to-Business-gateway. Habe ich einen CA-und client-Zertifikat und setzen Sie Sie in die Trusted root und persönlichen Ordner beziehungsweise. Ich habe die SSL-routing-aber ich bekomme immer folgenden Fehler 'Der security-Protokoll nicht überprüfen kann, wird die eingehende Nachricht.' Und ich kann nicht herausfinden, warum.

Unten ist mein Dienst-Konfiguration:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.web>
        <compilation debug="true" targetFramework="4.0" />
    </system.web>
    <system.serviceModel>

        <services>
            <service name="B2BGateway.SSOBackChannel" behaviorConfiguration="B2B">
                <endpoint binding="wsHttpBinding"
                  bindingConfiguration="WSCertificateSecurity" 
                  contract="B2BGateway.Contracts.ISSOBackChannel" 
                  address="https://blah.com/SSOBackChannel.svc"></endpoint>
            </service>
        </services>

        <behaviors>
            <serviceBehaviors>
                <behavior name="B2B">

                    <serviceMetadata httpsGetEnabled="true" />
                    <serviceDebug includeExceptionDetailInFaults="true" />

                    <serviceCredentials>
                        <serviceCertificate />
                        <clientCertificate>
                            <authentication certificateValidationMode="PeerTrust" />
                        </clientCertificate>
                    </serviceCredentials>
                    <serviceAuthorization principalPermissionMode="None"></serviceAuthorization>
                </behavior>
            </serviceBehaviors>

            <endpointBehaviors>
                <behavior name="B2B">
                    <clientCredentials>
                        <clientCertificate findValue="2e2ecba0f33265085cc53cb53c0b00977aaa9e9e" storeName="My" storeLocation="LocalMachine" x509FindType="FindByThumbprint" />
                    </clientCredentials>
                </behavior>
            </endpointBehaviors>
        </behaviors>

        <bindings>
            <wsHttpBinding>
                <binding name="WSCertificateSecurity">
                    <security mode="TransportWithMessageCredential">
                        <transport clientCredentialType="None" proxyCredentialType="None" realm="" />
                        <message clientCredentialType="Certificate" />
                    </security>
                </binding>
            </wsHttpBinding>
        </bindings>

    </system.serviceModel>

    <system.diagnostics>
        <sources>
            <!-- See here for recommended diagnostics settings: http://msdn.microsoft.com/en-us/library/aa702726.aspx -->
            <source name="System.ServiceModel" switchValue="Warning,Information,ActivityTracing,Verbose" propagateActivity="true">
                <listeners>
                    <add name="traceListener" type="System.Diagnostics.XmlWriterTraceListener" initializeData="d:\logs\gah.svclog" />
                </listeners>
            </source>
        </sources>
    </system.diagnostics>
    <system.webServer>
        <directoryBrowse enabled="true" />
    </system.webServer>

</configuration>

Und die client-Konfiguration ist nur der automatisch generierte code:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>

    <system.serviceModel>
        <bindings>
            <wsHttpBinding>
                <binding name="WSHttpBinding_ISSOBackChannel" closeTimeout="00:01:00"
                    openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
                    bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
                    maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
                    messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
                    allowCookies="false">
                    <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                        maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                    <reliableSession ordered="true" inactivityTimeout="00:10:00"
                        enabled="false" />
                    <security mode="TransportWithMessageCredential">
                        <transport clientCredentialType="None" proxyCredentialType="None"
                            realm="" />
                        <message clientCredentialType="Certificate" negotiateServiceCredential="true"
                            algorithmSuite="Default" />
                    </security>
                </binding>
            </wsHttpBinding>
        </bindings>
        <client>
            <endpoint address="https://blah.com/SSOBackChannel.svc"
                binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_ISSOBackChannel"
                contract="SSOBackChannelService.ISSOBackChannel" name="WSHttpBinding_ISSOBackChannel" />
        </client>
    </system.serviceModel>
</configuration>

Schrieb ich einen unit test, um zu sehen, ob das Ding funktioniert, das ist, wo ich bin immer die Fehlermeldung...

[TestMethod]
public void Should_Call_Service_As_Machine_Does_Have_x509Certificate()
{
SSOBackChannelClient service = new SSOBackChannelClient();;
service.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByThumbprint, "2e2ecba0f33265085cc53cb53c0b00977aaa9e9e");
var result = service.CheckBackChannelToken("123456789");
}

Jede Hilfe wäre also sehr willkommen!!
Josh

InformationsquelleAutor Joshy | 2011-11-14