不使用IIS的WCF服务上的证书 [英] Certificate on a WCF service that does not use IIS
问题描述
我有一个 WCF 应用程式,通常在 IIS (适用于我的测试和生产环境)。但是当我从我的调试器运行它时,它被设置为运行自托管(即,一个控制台窗口弹出和IIS不使用)。
I have a WCF application that normally runs in IIS (for my testing and production environments). But when I run it from my debugger it is setup to run self hosted (that is, a console window pops up and IIS is NOT used).
客户端应用程序,我连接到WCF应用程序。通常,当我测试我的客户端应用程序(在 Windows Mobile 上运行)时,它会设置为连接到我的一个测试环境(我有一个开发环境让我测试)。
I also have a client application that I connect to the WCF application. Normally when I am testing my client application (that runs on Windows Mobile) it is setup to connect to one of my testing environments (I have a development environment for me to test in).
我现在的问题是,似乎有一个断开之间的客户端发送和WCF应用程序得到什么。我需要调试我的WCF应用程序。
The problem I am having now is that there seems to be a disconnect between what the client is sending and what the WCF application is getting. I need to debug my WCF application.
我可以运行我的WCF应用程序,然后更改我的客户端的URL指向调试器版本,但我的服务运行 SSL ,并具有客户端硬编码的证书。
I can run my WCF application and then change the URL of my client to point the debugger version, but my services run with SSL and have a certificate that the client is hardcoded to expect.
我宁愿不禁用我的代码(在客户端)的那部分。有没有办法在自己的WCF应用程序上安装证书?
I would rather not disable that part of my code (on the client). Is there a way to install the certificate on my self-hosted WCF application?
推荐答案
我只想添加一些有用的信息如何以编程方式为自托管WCF服务安装SSL证书。本文不包括如何获取 WCF应用程序使用SSL证书,因为
I just want to add some helpful information on how to programatically install an SSL certificate for a self-hosted WCF service. This does not cover how to get the WCF application to use the SSL certificate, since that is well-documented elsewhere on the web.
这是由管理员在设置时运行,而不是由实际的应用程序本身运行,在本例中, 网络服务帐户下运行。
This is intended to be run at setup time by an administrator, and not by the actual application itself, which in this example, runs under the limited Network Service account.
- 代码必须以< a href =http://stackoverflow.com/questions/3600322/check-if-the-current-user-is-administrator>管理员。
- 设置HTTP命名空间预留
使用
中的示例程序化编程授予命名空间
- 使用
.aspx / httpapi.httpsetserviceconfiguration>使用
HttpServiceConfiguration 更改与
关联的证书。
- The code must run as an administrator.
- Set the HTTP Namespace reservation programatically using the example in Programatically Granting a Namespace Reservation.
- Set the SSL information programatically using the example in Changing the Certificate associated with IP address using HttpServiceConfiguration.
您可以使用这些代码示例来安装和配置证书:
You can then use those code samples to install and configure the certificate:
if (!IsAdministrator())
{
Console.WriteLine("Must run "+
"as a user with local Administrator privileges.");
Environment.Exit(-1);
}
//Open the cert.
X509Certificate2 certificate = new X509Certificate2(certFilePath);
//Add it to the local store
X509Store certStore = new X509Store(StoreName.My, StoreLocation.LocalMachine);
certStore.Open(OpenFlags.ReadWrite);
certStore.Add(certificate);
certStore.Close();
//Reserve an HTTPS namespace for it.
string urlPrefix = string.Format("https://+:{0}/{1}", portNum, appPath);
ReserveHttpNamespace.ModifyReservation(urlPrefix, "Network Service", false);
//Set the SSL cert for this service.
SetSSLCert.BindCertificate("0.0.0.0", portNum, certificate.GetCertHash());
然后,您可以使用有用的 HttpCfg UI工具。
You can then check that this ran correctly using the helpful HttpCfg UI Tool.
这篇关于不使用IIS的WCF服务上的证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
