调用SSPI失败，再次运行该调用时看到内部异常? [英] A call to SSPI failed, see inner exception when running the call a second time?

问题描述

我有以下代码:

public GetUserDataResponse GetUserDataFromService(X509Certificate2 certificate)
{
    ChannelFactory<MyApp4SITHSService.IMyApp4SITHSServiceContract> factory = new ChannelFactory<MyApp4SITHSService.IMyApp4SITHSServiceContract>("NetTcpBinding_IMyApp4SITHSServiceContract_Certificate");
    MyApp4SITHSService.IMyApp4SITHSServiceContract service;
    GetUserDataResponse response;

    factory.Credentials.ClientCertificate.Certificate = certificate;
    //factory.Credentials.UserName.UserName = "me";
    //factory.Credentials.UserName.Password = "password";

    service = factory.CreateChannel();

    LogHandler.WriteLine("Connecting to service");
    response = service.GetUserData(new GetUserDataRequest());
    LogHandler.WriteLine("Data received");

    factory.Abort();
    return response;
}

第一次运行此程序效果很好，第二次在service.GetUserData上收到以下异常:

The first time I run this it workes just great, the second time I get the following exception on service.GetUserData :

发生类型为'System.ServiceModel.Security.SecurityNegotiationException'的第一次机会异常在mscorlib.dll中

A first chance exception of type 'System.ServiceModel.Security.SecurityNegotiationException' occurred in mscorlib.dll

对SSPI的调用失败，请参阅内部异常.

A call to SSPI failed, see inner exception.

无法联系本地安全机构

我使用以下配置:

<system.serviceModel>
  <behaviors>
    <endpointBehaviors>
      <behavior name="CertificateEndpointBehavior">
        <clientCredentials>
          <!--<clientCertificate findValue="MyAppClient" x509FindType="FindBySubjectName" storeLocation="CurrentUser" storeName="TrustedPeople"/>-->
          <!--<clientCertificate findValue="MyAppClient" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My"/>-->
          <serviceCertificate>
            <authentication certificateValidationMode="ChainTrust" revocationMode="NoCheck"/>
          </serviceCertificate>
        </clientCredentials>
      </behavior>
    </endpointBehaviors>
  </behaviors>
    <bindings>
        <netTcpBinding>
            <binding name="netTcpCertificate" closeTimeout="00:01:00" openTimeout="00:01:00"
                receiveTimeout="Infinite" sendTimeout="01:00:00" transactionFlow="false"
                transferMode="Buffered" transactionProtocol="OleTransactions"
                hostNameComparisonMode="StrongWildcard" listenBacklog="1000"
                maxBufferPoolSize="2147483647" maxBufferSize="2147483647"
                maxConnections="200" maxReceivedMessageSize="2147483647">
                <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
                    maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
                <reliableSession ordered="true" inactivityTimeout="Infinite"
                    enabled="false" />
                <security mode="Transport">
                    <transport clientCredentialType="Certificate" />
                    <message clientCredentialType="Certificate" />
                </security>
            </binding>
        </netTcpBinding>
    </bindings>
    <client>
        <endpoint address="net.tcp://localhost:8135/MyApp4SITHSService/Client/sll"
            behaviorConfiguration="CertificateEndpointBehavior" binding="netTcpBinding"
            bindingConfiguration="netTcpCertificate" contract="MyApp4SITHSService.IMyApp4SITHSServiceContract"
            name="NetTcpBinding_IMyApp4SITHSServiceContract_Certificate">
            <identity>
                <dns value="MyAppServer" />
            </identity>
        </endpoint>
    </client>
</system.serviceModel>

有人知道为什么我会遇到这个问题以及如何解决吗?

Any idea why I get this problem and how to solve it?

推荐答案

服务器无权联系本地计算机证书存储以验证对传入证书的信任.

The server does not have permissions to contact the local machine certificate store to validate the trust of the passed in certificate

这篇关于调用SSPI失败，再次运行该调用时看到内部异常?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！