一、IIS配置
-
保证IIS拥有配置https的功能
在windows 功能中将IIS的所有功能开启即可。 -
生成证书(标准企业需去平台申请证书,本文介绍开发自设置)
-
添加网站
-
测试
用IE打开,google等浏览器会直接打不开。
二、配置文件修改
-
WebService Config
1.endingpoint 配置: 源数据交换: mexHttpBinding -> mexHttpsBinding 否则报错: 找不到具有绑定 MetadataExchangeHttpBinding 的终结点的与方案 http 匹配的基址。注册的基址方案是 [https]... 2.binding 1) wsHttpBinding 配置 <security mode="Message" > -> <security mode="Transport" > 否则报错: WCF问题:找不到具有绑定 WSHttpBinding 的终结点的与方案 http 匹配的基址。注册的基址方案是 [https]"错误 2) httpTransport -> httpsTransport 3.Behavior <serviceMetadata httpGetEnabled="true" /> -> <serviceMetadata httpsGetEnabled="true" />
-
Client Config
1.binding配置: 1) <security mode="Message" > -> <security mode="Transport" > 2) httpTransport -> httpsTransport
3.注意点
要保证客户端和服务端的 mode 类型一直,否则会报如下错误。
The content type text/html of the response message does not match the content type of the binding (application/x-gzip). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first 1024 bytes of the response were:
三、查看wcf服务
忽略证书即正常出结果。
四、客户端连接wcf服务
-
可能出现的问题
Could not establish trust relationship for the SSL/TLS secure channel with authority.
在client连接wcf创建通道的代码前增加如下代码即可:ServicePointManager.ServerCertificateValidationCallback += (s, cert, chain, sslPolicyErrors) => true; ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls; IClientChannel channel = GetChannelFactory(endPoint).CreateChannel() as IClientChannel; //创建通道代码
-
解决完上面的问题即可正常连接登录