来自控制台应用程序的 HTTPS? [英] HTTPS from a console application?

查看:18
本文介绍了来自控制台应用程序的 HTTPS?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我没有使用 IIS,它甚至没有安装在这台计算机上.我的控制台中也没有任何 app.config 文件或 web.config 文件托管 WCF REST 服务.但我想尝试在主机控制台应用程序上运行 HTTPS:

class 程序{静态无效主(字符串 [] args){string baseAddress = "http://" + Environment.MachineName + ":8000/Service";ServiceHost host = new ServiceHost(typeof(Service), new Uri(baseAddress));//WebHttpBinding binding = new WebHttpBinding();//binding.Security.Mode = WebHttpSecurityMode.Transport;host.AddServiceEndpoint(typeof(IService), new WebHttpBinding(), "").Behaviors.Add(new WebHttpBehavior());主机.Open();Console.WriteLine("主机打开");Console.ReadLine();

有没有办法让我的服务在 HTTPS 中运行?

解决方案

  1. 创建并安装根授权和 HTTPS 证书

    以管理员身份打开命令提示符:

    创建文件夹 C:Certs 并导航到它.

    #Root 权限makecert.exe -r -pe -n "CN=My Root Authority" -ss CA -sr LocalMachine -a sha1 -sky 签名 -cy authority -sv CA.pvk CA.cer#证书makecert.exe -pe -n "CN=localhost" -a sha1 -sky exchange -eku 1.3.6.1.5.5.7.3.1 -ic CA.cer -iv CA.pvk -sp "Microsoft RSA SChannel Cryptographic Provider" -sy12 -sv server.pvk server.cer#钥匙pvk2pfx.exe -pvk server.pvk -spc server.cer -pfx server.pfx

    **makecert 和 pvk2pfx 的默认位置是 C:Program Files (x86)Microsoft SDKsWindowsv7.0Ain

  2. 安装证书

    从命令行:

    certmgr.exe -add CA.cer -r LocalMachine -s CertificateAuthority

    certmgr.exe -add server.pfx -r LocalMachine -s My -all

    来自 MMC:

    通过转到命令提示符并键入 MMC 打开 MMC.这将打开空白的 MMC 控制台.单击添加/删除管理单元.添加证书并选择计算机帐户/本地计算机.

    导航到中级证书颁发机构/证书.右键单击并选择导入.导航到您创建 CA.cer 文件的文件夹,然后单击导入.

    导航到个人/证书并右键单击导入.找到您的 server.pfx 文件(您需要从可用扩展列表中选择 PFX)并导入此文件.完成后双击打开证书,并在详细信息下记下它的指纹.将其粘贴到 Notepad 并删除额外的 ?开始并删除空格.

    要获取服务器指纹的证书,您可以在 PowerShell 中运行:

    $getThumb = Get-ChildItem -path cert:LocalMachineTrustedPeople |where { $_.Subject -match "CN=localhost" }$getThumb.thumbprint

  3. 使用 netsh

    注册并映射 WCF 端口

    映射到 WCF 端口

    netsh http add sslcert ipport=0.0.0.0:8000 certhash=73269e9b554f58d75e77880f5ff72b50c8d724ee appid={e2eaacd9-92e6-43cc-b768c77appid - 任何 GUIDcerthas - 这是第 2 步的指纹

  4. 设置您的主机

    设置为 HTTPS 并启用传输安全:

    string baseAddress = "https://" + Environment.MachineName + ":8000/Service";var binding = new WebHttpBinding();binding.Security.Mode = WebHttpSecurityMode.Transport;

详细参考

如果您在添加 sslcert 时遇到问题:

I am not using IIS, and it isn't even installed on this computer. I also don't any app.config files or web.config files in my console hosted WCF REST service. But I would like to try and get HTTPS running on the host console application:

class Program
{
    static void Main(string[] args)
    {
        string baseAddress = "http://" + Environment.MachineName + ":8000/Service";
        ServiceHost host = new ServiceHost(typeof(Service), new Uri(baseAddress));
        //WebHttpBinding binding = new WebHttpBinding();
        //binding.Security.Mode = WebHttpSecurityMode.Transport;
        host.AddServiceEndpoint(typeof(IService), new WebHttpBinding(), "").Behaviors.Add(new WebHttpBehavior());
        host.Open();

        Console.WriteLine("Host opened");
        Console.ReadLine();

Is there a way I can have my service running in HTTPS?

解决方案

  1. Create and install a root authority and HTTPS certificate

    Open command prompt as Administrator:

    Create folder C:Certs and navigate to it.

    #Root Authority
makecert.exe -r -pe -n "CN=My Root Authority" -ss CA -sr LocalMachine -a sha1 -sky signature -cy authority -sv CA.pvk CA.cer

#Certificate
makecert.exe -pe -n "CN=localhost" -a sha1 -sky exchange -eku 1.3.6.1.5.5.7.3.1 -ic CA.cer -iv CA.pvk -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 -sv server.pvk server.cer

#key
pvk2pfx.exe -pvk server.pvk -spc server.cer -pfx server.pfx

    **Default location for makecert and pvk2pfx is C:Program Files (x86)Microsoft SDKsWindowsv7.0Ain

  2. Install certificates

    From the command line:

    certmgr.exe -add CA.cer -r LocalMachine -s CertificateAuthority

    certmgr.exe -add server.pfx -r LocalMachine -s My -all

    From MMC:

    Open up MMC by going to command prompt and type MMC. This will open blank MMC console. Click add/remove snap in. Add Certificates and choose Computer Account / Local computer.

    Navigate to Intermediate Certification Authorities / Certificates. Right Click and choose import. Navigate to the folder where you have creatd CA.cer file and click to import.

    Navigate to Personal / Certificates and right click Import. Locate your server.pfx file (you will need to select PFX from list of available extensions) and import this file. When done open the certificate by double clicking and note its thumbprint under Details. Paste this into Notepad and remove extra ? at the beginning and remove spaces.

    To get the certificate of server thumbprint you can run this in PowerShell:

    $getThumb = Get-ChildItem -path cert:LocalMachineTrustedPeople | where { $_.Subject -match "CN=localhost" }
$getThumb.thumbprint

  3. Register and map WCF port with netsh

    Map to WCF port

    netsh http add sslcert ipport=0.0.0.0:8000 certhash=73269e9b554f58d75e77880f5ff72b50c8d724ee appid={e2eaacd9-92e6-43cc-b51c-7a7887149607}

appid - any GUID
certhas - this is the thumb print from the step 2

  4. Setup your host

    Set to HTTPS and enable transport security:

    string baseAddress = "https://" + Environment.MachineName + ":8000/Service";
var binding = new WebHttpBinding();
binding.Security.Mode = WebHttpSecurityMode.Transport;

Detailed references

And if you run into problems with add sslcert:

这篇关于来自控制台应用程序的 HTTPS?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
C#/.NET最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆