Windows服务承载WCF通过HTTPS [英] Windows Service hosted WCF over HTTPS
问题描述
我已经创建并按照这些说明从MSDN 的配置SSL证书。我收到错误消息这个问题名单,但我不知道如何在这个问题接受的答案映射到我的App.config文件。配置文件的内容,并正确通过HTTP工作的服务本身,它只是通过HTTPS这个问题正在发生。
I've created and configured an SSL certificate as per these instructions from MSDN. I'm getting the error message that this question lists, but am not sure how to map the accepted answer in that question to my App.config file. The content of the config file, and the service itself worked correctly over http, it's just over https that the problem is occuring.
我的的App.config 文件是当前:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="TransportSecurity">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="LookupServiceHost" behaviorConfiguration="serviceBehaviour">
<host>
<baseAddresses>
<add baseAddress="https://localhost:54321/MyService"/>
</baseAddresses>
</host>
<endpoint address="" binding="wsHttpBinding" contract="ILookupService" bindingConfiguration="TransportSecurity" />
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehaviour">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="False"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
的
错误 在Windows返回的异常事件日志:
The ErrorException returned in the Windows Event Log:
服务不能启动。 System.ServiceModel.AddressAlreadyInUseException:HTTP不能注册网址 https://开头+:54321 /为MyService / 。另一个应用程序已经注册了这个网址与HTTP.SYS。 ---> System.Net.HttpListenerException:无法监听前缀的https:// +:54321 /为MyService /'。因为它与机器上的现有注册冲突
Service cannot be started. System.ServiceModel.AddressAlreadyInUseException: HTTP could not register URL https://+:54321/MyService/. Another application has already registered this URL with HTTP.SYS. ---> System.Net.HttpListenerException: Failed to listen on prefix 'https://+:54321/MyService/' because it conflicts with an existing registration on the machine.
可能有人给我一个指针,以如何启用此?
Could someone give me a pointer as to how to enable this?
推荐答案
我以为你是连接两个不同的设置。 Netsh的可用于添加的SSL证书也是为了让应用程序监听指定端口上没有下管理员帐户下运行。唯一的例外针对第二个设置。我以前没有见过,但我假设你已经注册了这个端口的HTTP所以让我们尝试使用(并注册)HTTPS另一个端口或替换以前的注册。
I think you are connecting two different settings. Netsh can be used to add certificate for SSL but also to allow application listening on given port without running under admin account. The exception targets second setting. I haven't seen it before but I assume that you have already registered this port for HTTP so lets try to use (and register) HTTPS on another port or replace previous registration.
编辑:
打开命令提升权限提示(如管理员)。
首先检查是否SSL证书分配给正确的端口:
Open command prompt with elevated privileges (As Admin). First check if SSL cert is assigned to correct port:
netsh http show sslcert
比检查HTTP监听是通过调用注册的端口:
Than check if HTTP listening is registered on that port by calling:
netsh http show urlacl
如果因此使用下面的命令来删除注册:
If so use following command to remove that registration:
netsh http delete urlacl url=http://+:54321/MyService
再添加注册支持监听HTTPS:
Add registration again to support listening on HTTPS:
netsh http add urlacl url=https://+:54321/MyService user=domain\userName
如果用户是用于运行您的Windows服务帐户。如果保险业监督的本地帐户使用了用户名
Where user is account used to run your Windows service. If it ia a local account use only userName.
的注意:的HTTPS下,它出现在通配符必须在urlacl使用。我们可以不写 https://开头本地主机:8733 / ... 来匹配HTTP视觉工作室默认urlacl。这可能是有道理的,因为所请求的主机名是不可用,直到在解密之后。
Note: Under https, it appears the wildcard must be used in the urlacl. We cannot write https://localhost:8733/... to match Visual Studios default urlacl for http. This probably makes sense since the requested hostname isn't available until after decryption.
这篇关于Windows服务承载WCF通过HTTPS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
