自托管 wcf 服务器 - 从文件而不是证书存储加载证书 [英] selfhosting wcf server - load certificate from file instead of certificate store

问题描述

I'm currently working on a wcf server and would like to load my certificate from a file/resource instead of the certificate store to make deployment easier. Any ideas how to do this?

Thanks for your help!

解决方案

Suppose you are using duplex channel,you can load certificate from file as the following:

//Load certificate file with private key
var certificate = new X509Certificate2("c:certificate.pfx", "password");

//Configure your server by to use certificate, for example:
var host = new ServiceHost(typeof(YourService), 
                         new Uri("Your service's uri"));
host.Credentials.ServiceCertificate.Certificate = certificate;

//configure your server to accept client's certificate , accept all
//certificate in this case, or you can assign it to the public key file
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode
                           = X509CertificateValidationMode.None;

In your client's code, load the certificate as same as above

//configure your client to use certificate
var channelFactory = new ChannelFactory<IYourService>();
channelFactory.Credentials.ClientCertificate.Certificate = 
                                             clientCertificate;

//configure your client to accept server's certificate, 
//again, for simplicity, just accept any server's certificate
channelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode
                           = X509CertificateValidationMode.None;

I think you should be okay from this point. Just remember that if you load from a file, you have to load the .pfx file which is generated by pvk2pfx.exe , it has both private key and public key. Otherwise WCF will get confused to where to lookup for private key.

这篇关于自托管 wcf 服务器 - 从文件而不是证书存储加载证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！