从WCF服务访问客户端证书属性 [英] Access client certificate properties from WCF Service

问题描述

我在写一个WCF服务，我需要访问用于连接到服务的客户端证书的哈希代码。

I am writing a WCF service where I need to access the Hash Code of client certificates that are used to connect to the service.

我在寻找一个属性或类似于来自ASP.NET 2.0的Request.ClientCertificate的方法，但找不到任何允许轻松访问客户端证书的东西。

I am looking for a property or method similar to Request.ClientCertificate from ASP.NET 2.0 days but cannot find anything that allows easy access to the client certificate.

我们的服务设置为使用basicHttpBinding和Transport的安全模式使用SSL运行。

Our service is set up such that it is running with SSL using basicHttpBinding and security mode of "Transport".

IIS已设置为需要SSL并接受证书。

IIS has been set up to Require SSL and Accept certificates.

需要注意的一点是，用于保护端点的服务器证书来自不同的CA，而不是客户端证书 - 客户端证书仅通过自定义代码验证（因此需要获取

One thing to note is that our server certificate used to secure the endpoint is from a different CA to that of the client certificates - the client certificates are intended to be validated solely through custom code (thus the need to get the hash code of a connecting certificate).

我已经创建了IDispatchMessageInspector的自定义实现，以查看是否有来自该客户端证书的访问，但没有可用。

I have created a custom implementation of the IDispatchMessageInspector to see if there is any access to a client certificate from there but to no avail.

有没有人尝试过这种方法，之前有成功？

Has anyone attempted this and had success before?

推荐答案

像什么最好的选择是为您的服务实现自定义证书验证器。这基本上是来自 X509CertificateValidator 的类然后通过配置文件注册。

Looks like what the best option for you would be to implement a custom Certificate Validator for your service. This is basically a class that derives from X509CertificateValidator and is then registered through the config file.

有关如何在上执行此操作的更完整信息本文。

这篇关于从WCF服务访问客户端证书属性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！