当你在visual studio里 用 add service reference 调用一个只需X.509 certificate 签名 https WCF Service ,visual studio 自动生成一些代码和app.config或者web.config xml代码,基于这些自动生成的东东,很容易调用,但是部署时比较麻烦,得拷贝那些xml代码。
只需X.509 certificate 签名的web service在大公司间常见,我相信支付宝也是用X.509 certificate 签名 https Web service。不知道为什么微软视而不见,没有举例解释,网上也很难搜到。一堆WCF MVP 好像没见过X.509 certificate 签名的web service,抄来抄去抄微软的。微软有个WsHttpBinding,把message加密后又签名,世界上用的不多,因为一般用Https来加密,message加密多此一举。
有哪位高手用WCF实现了X.509 certificate 签名 https Web service的服务器端请告知一下,谢谢!
我搞了很长时间,终于搞懂了手工实现或者 programmatically implement,也就是无需机器生成的config xml代码
主要是给ChannelFactory添加X.509 certificate
service url 是 https://service.uhone.com/QuoteTransfer/QuoteTransfer.svc
BasicHttpBinding binding = new System.ServiceModel.BasicHttpBinding();
binding.Security.Mode = System.ServiceModel.BasicHttpSecurityMode.TransportWithMessageCredential;
binding.Security.Message.ClientCredentialType = System.ServiceModel.BasicHttpMessageCredentialType.Certificate;
EndpointAddress endpoint = new EndpointAddress(url);
ChannelFactory<QuoteTransferContract> factory = new ChannelFactory<QuoteTransferContract>(binding, endpoint);
factory.Credentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindBySubjectDistinguishedName, "CN=****");
QuoteTransferContract proxy = factory.CreateChannel();
return proxy.SaveQuoteTransfer(request);