不使用 IIS 的 WCF 服务上的证书 [英] Certificate on a WCF service that does not use IIS
问题描述
我有一个 WCF 应用程序,通常在 IIS(用于我的测试和生产环境).但是当我从调试器运行它时,它会设置为运行自托管(即弹出控制台窗口并且不使用 IIS).
我还有一个连接到 WCF 应用程序的客户端应用程序.通常,当我测试我的客户端应用程序(在 Windows Mobile 上运行)时,它会设置为连接到我的一个测试环境(我有一个开发环境供我测试).
我现在遇到的问题是客户端发送的内容与 WCF 应用程序获取的内容之间似乎存在脱节.我需要调试我的 WCF 应用程序.
我可以运行我的 WCF 应用程序,然后将我的客户端的 URL 更改为指向调试器版本,但我的服务使用 SSL 并拥有客户端硬编码所期望的证书.
我宁愿不禁用我的那部分代码(在客户端).有没有办法在我的自托管 WCF 应用程序上安装证书?
我只想添加一些有关如何以编程方式为自托管 WCF 服务安装 SSL 证书的有用信息.这不包括如何让 WCF 应用程序使用 SSL 证书,因为这在网络上的其他地方都有很好的记录.
这旨在由管理员在设置时运行,而不是由实际应用程序本身运行,在此示例中,该应用程序在受限的 Network Service 帐户下运行.
- 代码必须以管理员身份运行.
- 设置 HTTP 命名空间预留以编程方式使用示例以编程方式授予命名空间预订.
- 设置 SSL 信息以编程方式使用示例更改相关的证书使用 IP 地址HttpServiceConfiguration.
然后您可以使用这些代码示例来安装和配置证书:
if (!IsAdministrator()){Console.WriteLine("必须运行"+作为具有本地管理员权限的用户.");Environment.Exit(-1);}//打开证书X509Certificate2 证书 = 新 X509Certificate2(certFilePath);//添加到本地存储X509Store certStore = new X509Store(StoreName.My, StoreLocation.LocalMachine);certStore.Open(OpenFlags.ReadWrite);certStore.Add(证书);certStore.Close();//为其保留一个HTTPS命名空间.string urlPrefix = string.Format("https://+:{0}/{1}", portNum, appPath);ReserveHttpNamespace.ModifyReservation(urlPrefix, "网络服务", false);//设置此服务的 SSL 证书.SetSSLCert.BindCertificate("0.0.0.0", portNum, certificate.GetCertHash());然后您可以使用有用的 HttpCfg UI 工具检查它是否正确运行.p>
I have a WCF application that normally runs in IIS (for my testing and production environments). But when I run it from my debugger it is setup to run self hosted (that is, a console window pops up and IIS is NOT used).
I also have a client application that I connect to the WCF application. Normally when I am testing my client application (that runs on Windows Mobile) it is setup to connect to one of my testing environments (I have a development environment for me to test in).
The problem I am having now is that there seems to be a disconnect between what the client is sending and what the WCF application is getting. I need to debug my WCF application.
I can run my WCF application and then change the URL of my client to point the debugger version, but my services run with SSL and have a certificate that the client is hardcoded to expect.
I would rather not disable that part of my code (on the client). Is there a way to install the certificate on my self-hosted WCF application?
I just want to add some helpful information on how to programatically install an SSL certificate for a self-hosted WCF service. This does not cover how to get the WCF application to use the SSL certificate, since that is well-documented elsewhere on the web.
This is intended to be run at setup time by an administrator, and not by the actual application itself, which in this example, runs under the limited Network Service account.
- The code must run as an administrator.
- Set the HTTP Namespace reservation programatically using the example in Programatically Granting a Namespace Reservation.
- Set the SSL information programatically using the example in Changing the Certificate associated with IP address using HttpServiceConfiguration.
You can then use those code samples to install and configure the certificate:
if (!IsAdministrator())
{
Console.WriteLine("Must run "+
"as a user with local Administrator privileges.");
Environment.Exit(-1);
}
//Open the cert.
X509Certificate2 certificate = new X509Certificate2(certFilePath);
//Add it to the local store
X509Store certStore = new X509Store(StoreName.My, StoreLocation.LocalMachine);
certStore.Open(OpenFlags.ReadWrite);
certStore.Add(certificate);
certStore.Close();
//Reserve an HTTPS namespace for it.
string urlPrefix = string.Format("https://+:{0}/{1}", portNum, appPath);
ReserveHttpNamespace.ModifyReservation(urlPrefix, "Network Service", false);
//Set the SSL cert for this service.
SetSSLCert.BindCertificate("0.0.0.0", portNum, certificate.GetCertHash());
You can then check that this ran correctly using the helpful HttpCfg UI Tool.
这篇关于不使用 IIS 的 WCF 服务上的证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
