相互SSL安全模式绑定配置

Microsoft官方文档还提供了一个示例，该示例使用具有互证书的消息安全性模式对客户端进行身份验证。https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/message-security-with-mutual-certificates我们需要做的是在服务器端配置服务证书，在客户端端配置证书，并在客户端和服务器端之间建立证书信任关系。这是标准配置。

<system.serviceModel> <behaviors> <serviceBehaviors> <behavior name="serviceCredentialBehavior"> <serviceCredentials> <serviceCertificate findValue="Contoso.com" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" /> </serviceCredentials> </behavior> </serviceBehaviors> </behaviors> <services> <service behaviorConfiguration="serviceCredentialBehavior" name="ServiceModel.Calculator"> <endpoint address="http://localhost/Calculator" binding="wsHttpBinding" bindingConfiguration="InteropCertificateBinding" name="WSHttpBinding_ICalculator" contract="ServiceModel.ICalculator" /> </service> </services> <bindings> <wsHttpBinding> <binding name="InteropCertificateBinding"> <security mode="Message"> <message clientCredentialType="Certificate" negotiateServiceCredential="false" establishSecurityContext="false" /> </security> </binding> </wsHttpBinding> </bindings> </system.serviceModel>

这也适用于TransportWithMessageCredential安全模式。只要安全模式为Transport安全模式，就需要将证书绑定到特定端口。此外，绑定配置应在客户端和服务器端之间保持一致。就像服务合同在客户端和服务器端之间共享一样。请随时告诉我是否有什么我可以帮助的。