Я хочу организовать защищенное соединение между клиентом и сервисом WCF. Клиент должен быть уверен, что он может доверять сервису.
Я создал два сертификата для доверенного корня и для личных хранилищ на локальном компьютере. Я вижу правильный путь сертификации в надстройке сертификата. Общее имя сертификата — localhost.
Я добавил привязку для https в IIS.
У меня есть служба со следующей конфигурацией
Поведение
<behavior name="AgencyTrustedServiceBehavior">
<dataContractSerializer maxItemsInObjectGraph="10000000" />
<serviceMetadata httpsGetEnabled="true" policyVersion="Policy15" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<clientCertificate>
<authentication certificateValidationMode="None" />
</clientCertificate>
<serviceCertificate findValue="localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
</serviceCredentials>
</behavior>
Связывание
<wsHttpBinding>
<binding name="InternetServiceBinding" closeTimeout="00:10:00"
openTimeout="00:10:00" sendTimeout="00:10:00" bypassProxyOnLocal="true"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Mtom">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="Transport">
<transport clientCredentialType="None">
<extendedProtectionPolicy policyEnforcement="Never" />
</transport>
</security>
</binding>
</wsHttpBinding>
Конечная точка
<service behaviorConfiguration="AgencyTrustedServiceBehavior" name="Megatec.MasterTourService.AuthService">
<endpoint address="Anonymous"
binding="wsHttpBinding"
bindingConfiguration="InternetServiceBinding"
name="Megatec.MasterTourService.Contracts.IAuthServiceAnonymous"
contract="Megatec.MasterTourService.Contracts.IAuthService">
</endpoint>
</service>
Но когда я пытаюсь получить доступ к службе с помощью WCFTestClient, возникает следующее исключение
There was no endpoint listening at http://localhost/IISTest/AuthService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. The remote server returned an error: (404) Not Found.
HTTP GET Error URI: http://localhost/IISTest/AuthService.svc The document at the url http://localhost/IISTest/AuthService.svc was not recognized as a known document type.The error message from each known type may help you fix the problem:
- Report from 'XML Schema' is 'The document format is not recognized (the content type is 'text/html; charset=UTF-8').'.
- Report from 'DISCO Document' is 'There was an error downloading 'https://dev4-10.megatec.ru/IISTest/AuthService.svc?disco'.'.
- The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
- The remote certificate is invalid according to the validation procedure.
- Report from 'http://localhost/IISTest/AuthService.svc' is 'The document format is not recognized (the content type is 'text/html; charset=UTF-8').'.
- Report from 'WSDL Document' is 'The document format is not recognized (the content type is 'text/html; charset=UTF-8').'.
что не так?