从控制台应用程序HTTPS? [英] HTTPS from a console application?
问题描述
我不使用 IIS ,它甚至没有在这台计算机上安装。我也没有任何的app.config
主办的的web.config 文件在我的控制台= http://en.wikipedia.org/wiki/Windows_Communication_Foundation\">WCF REST服务 。但我想尝试并获得主机上的控制台应用程序运行HTTPS:
类节目
{
静态无效的主要(字串[] args)
{
字符串baseAddress =HTTP://+ Environment.MachineName +:8000 /服务;
ServiceHost的主机=新的ServiceHost(typeof运算(服务),新的URI(baseAddress));
//的WebHttpBinding绑定=新的WebHttpBinding();
//binding.Security.Mode = WebHttpSecurityMode.Transport;
host.AddServiceEndpoint(typeof运算(IService),新的WebHttpBinding(),).Behaviors.Add(新WebHttpBehavior());
host.Open(); Console.WriteLine(主机开);
到Console.ReadLine();
有没有办法,我可以有我的服务 HTTPS ?
运行-
创建并安装根权威和HTTPS证书
打开命令提示符以管理员身份:
新建文件夹
C:\\的证书
并导航到该#Root管理局
makecert.exe -r -pe -nCN =我的根颁发机构-ss CA -sr LOCALMACHINE -a SHA1 -sky签名-cy权威-sv CA.pvk CA.cer#证书
makecert.exe -pe -nCN = localhost的-a SHA1 -sky交换-eku 1.3.6.1.5.5.7.3.1 -ic CA.cer -IV CA.pvk -sp微软RSA SChannel加密提供-sy 12 -sv server.pvk server.cer#键
pvk2pfx.exe -pvk server.pvk -spc server.cer -pfx server.pfx**的makecert和pvk2pfx默认位置为C:\\ Program Files文件(x86)的\\微软的SDK \\ WINDOWS \\ v7.0A \\ BIN
-
安装证书
在命令行中:
certmgr.exe -add CA.cer -r -s LOCALMACHINE CertificateAuthority
certmgr.exe -add server.pfx -r -s LOCALMACHINE我-all
从MMC:
通过转到命令提示符并键入MMC打开 MMC 。这将打开空白的MMC控制台。单击添加/删除管理单元,添加证书,选择计算机帐户/本地计算机。
导航到中级证书颁发机构/证书。右击并选择进口。导航到你creatd CA.cer文件的文件夹,然后单击导入。
导航到个人/证书,然后右键单击导入。找到您server.pfx文件(您将需要从可用的扩展列表中选择PFX),并导入该文件。完成后双击打开该证书并记下其的指纹的详细信息下。粘贴到记事本并删除多余的
?
在开始和删除空格。要获得服务器指纹的证书可以在 PowerShell中运行此:
$ getThumb = GET-ChildItem -path证书:\\ LOCALMACHINE \\ TrustedPeople |其中{$ _。-match主题CN =本地主机}
$ getThumb.thumbprint -
注册和地图WCF端口的netsh
地图WCF端口
的netsh的http添加的sslcert ipport = 0.0.0.0:8000 CERTHASH = 73269e9b554f58d75e77880f5ff72b50c8d724ee的appid = {e2eaacd9-92e6-43cc-b51c-7a7887149607}APPID - 任何GUID
certhas - 这是来自步骤2的拇指打印 -
设置你的主机
设置为HTTPS并启用传输安全性:
字符串baseAddress =https://开头+ Environment.MachineName +:8000 /服务;
VAR约束力=新的WebHttpBinding();
binding.Security.Mode = WebHttpSecurityMode.Transport;
详细引用
-
如何创建和安装运输安全在WCF临时证书发展在(MSDN)
-
配置HTTP和HTTPS (MSDN)
-
如何:使用SSL证书(MSDN)配置端口
如果您遇到问题与附加的sslcert:
-
堆叠式和NBSP;溢出问题的 自托管使用SSL和WCF - 不能绑定证书到端口 的
-
堆叠式和NBSP;溢出问题的 Using netsh的,绑定一个SSL证书的端口号是失败 的
-
堆叠式和NBSP;溢出问题的 Certificate在WCF服务,不使用IIS 的
I am not using IIS, and it isn't even installed on this computer. I also don't any app.config
files or web.config
files in my console hosted WCF REST service. But I would like to try and get HTTPS running on the host console application:
class Program
{
static void Main(string[] args)
{
string baseAddress = "http://" + Environment.MachineName + ":8000/Service";
ServiceHost host = new ServiceHost(typeof(Service), new Uri(baseAddress));
//WebHttpBinding binding = new WebHttpBinding();
//binding.Security.Mode = WebHttpSecurityMode.Transport;
host.AddServiceEndpoint(typeof(IService), new WebHttpBinding(), "").Behaviors.Add(new WebHttpBehavior());
host.Open();
Console.WriteLine("Host opened");
Console.ReadLine();
Is there a way I can have my service running in HTTPS?
Create and install a root authority and HTTPS certificate
Open command prompt as Administrator:
Create folder
C:\Certs
and navigate to it.#Root Authority makecert.exe -r -pe -n "CN=My Root Authority" -ss CA -sr LocalMachine -a sha1 -sky signature -cy authority -sv CA.pvk CA.cer #Certificate makecert.exe -pe -n "CN=localhost" -a sha1 -sky exchange -eku 1.3.6.1.5.5.7.3.1 -ic CA.cer -iv CA.pvk -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 -sv server.pvk server.cer #key pvk2pfx.exe -pvk server.pvk -spc server.cer -pfx server.pfx
**Default location for makecert and pvk2pfx is C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\bin
Install certificates
From the command line:
certmgr.exe -add CA.cer -r LocalMachine -s CertificateAuthority
certmgr.exe -add server.pfx -r LocalMachine -s My -all
From MMC:
Open up MMC by going to command prompt and type MMC. This will open blank MMC console. Click add/remove snap in. Add Certificates and choose Computer Account / Local computer.
Navigate to Intermediate Certification Authorities / Certificates. Right Click and choose import. Navigate to the folder where you have creatd CA.cer file and click to import.
Navigate to Personal / Certificates and right click Import. Locate your server.pfx file (you will need to select PFX from list of available extensions) and import this file. When done open the certificate by double clicking and note its thumbprint under Details. Paste this into Notepad and remove extra
?
at the beginning and remove spaces.To get the certificate of server thumbprint you can run this in PowerShell:
$getThumb = Get-ChildItem -path cert:\LocalMachine\TrustedPeople | where { $_.Subject -match "CN=localhost" } $getThumb.thumbprint
Register and map WCF port with netsh
Map to WCF port
netsh http add sslcert ipport=0.0.0.0:8000 certhash=73269e9b554f58d75e77880f5ff72b50c8d724ee appid={e2eaacd9-92e6-43cc-b51c-7a7887149607} appid - any GUID certhas - this is the thumb print from the step 2
Setup your host
Set to HTTPS and enable transport security:
string baseAddress = "https://" + Environment.MachineName + ":8000/Service"; var binding = new WebHttpBinding(); binding.Security.Mode = WebHttpSecurityMode.Transport;
Detailed references
How to: Create and Install Temporary Certificates in WCF for Transport Security During Development (MSDN)
Configuring HTTP and HTTPS (MSDN)
And if you run into problems with add sslcert:
Stack Overflow question Self-hosting using SSL and WCF - can't bind certificate to port
Stack Overflow question Using netsh, bind an SSL certificate to a port number is failing
Stack Overflow question Certificate on WCF service that does not use IIS
这篇关于从控制台应用程序HTTPS?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!