通过Https自托管WCF服务 [英] Selfhosting a WCF service over Https

问题描述

我想编写一个应该使用https的WCF服务(自托管). 通过搜索网络，我发现了来自msdn的博客文章，该文章告诉我 使用"netsh.exe"命令将证书绑定到端点 通过命令行: http://blogs.msdn.com/b/james_osbornes_blog/archive/2010/12/10/selfhosting-a-wcf-service-over-https.aspx

I want to write a WCF service (self-hosted) that should use https. By searching the web I found a blog article from msdn that tells me to use the "netsh.exe" command to bind the certificate to the endpoint by commandline: http://blogs.msdn.com/b/james_osbornes_blog/archive/2010/12/10/selfhosting-a-wcf-service-over-https.aspx

但是，这仍然是最先进的吗? 为什么不使用这个: http://msdn.microsoft.com/de-de/library/system.servicemodel.description.servicecredentials.servicecertificate(v=vs.100).aspx

However, is this still state of the art? Why not use this: http://msdn.microsoft.com/de-de/library/system.servicemodel.description.servicecredentials.servicecertificate(v=vs.100).aspx

还是我想念什么? 感谢您的帮助.

Or do I miss something? Thanks for any help.

推荐答案

所以我终于找到了为什么需要使用netsh命令的原因:

So I finally found out why I need to use the netsh command:

查看本文: https://msdn.microsoft.com/en -us/library/ms789011％28v = vs.110％29.aspx

这篇文章: 如果传输是HTTP (使用WSHttpBinding)，则HTTP上的SSL提供传输级别的安全性. 在这种情况下，您必须 使用SSL证书配置托管服务的计算机 绑定到端口，如本主题后面所述.如果传输是 TCP(使用NetTcpBinding)，默认情况下为传输级安全性 提供的是Windows安全性或TCP上的SSL.通过SSL使用时 TCP，您必须使用SetCertificate方法指定证书， 如本主题后面所示.

From this article: If the transport is HTTP (using the WSHttpBinding), SSL over HTTP provides the transport-level security. In that case, you must configure the computer hosting the service with an SSL certificate bound to a port, as shown later in this topic. If the transport is TCP (using the NetTcpBinding), by default the transport-level security provided is Windows security, or SSL over TCP. When using SSL over TCP, you must specify the certificate using the SetCertificate method, as shown later in this topic.

因此，您只能将属性用于tcp绑定. 如果通过http使用ssl，则需要通过netsh命令将证书绑定到端口上

So you can only use the Property for tcp binding. If you use ssl over http, you need to bind a certificate to a port by netsh command

这篇关于通过Https自托管WCF服务的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！