尝试在我的web service应用程序中对HTTPS端点进行Silverlight调用导致此错误:“找不到与绑定WSHttpBinding的端点的方案https匹配的基地址。注册的基址方案是[http]“
与此处发布的问题相同:
http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/4c19271a-f5e6-4659-9e06-b556dbdcaf82/
因此,建议之一是:“另一个问题可能是证书名称和计算机名称不一致,这导致WCF适合。如果是这种情况,您可以告诉WCF跳过证书的验证。“
嗯,我do收到证书错误,因为这只是一个演示服务器。
这是我设置客户的方法:
BasicHttpBinding binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.Transport;
_ws = new AnnotationService.AnnotationClient(binding, new EndpointAddress(myAddress));
我如何告诉WCF跳过验证?
允许跨域通信在Silverlight中实现此目的。
在这种情况下,您需要在托管WCF服务的域的根目录中放置一个clientaccesspolicy.xml文件:<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="SOAPAction">
<domain uri="http://*"/>
</allow-from>
<grant-to>
<resource path="/" include-subpaths="true"/>
</grant-to>
</policy>
</cross-domain-access>
</access-policy>
这里是MSDN states about this approach:允许访问HTTPS服务来自任何托管的Silverlight控件通过HTTP应用程序,您需要将我还没有尝试过,但是值得一试。另外,请务必查看以下资源以获取更多详细信息:
” /> *元素在您的[[ 元素中。 Making a Service Available Across Domain Boundaries
在.NET中禁用X.509证书验证
对于.NET应用程序,此示例WCF配置将禁用对证书是否受信任以及在客户端上仍然有效的验证:
<system.serviceModel> <behaviors> <endpointBehaviors> <behavior name="DisableServiceCertificateValidation"> <clientCredentials> <serviceCertificate> <authentication certificateValidationMode="None" revocationMode="NoCheck" /> </serviceCertificate> </clientCredentials> </behavior> </endpointBehaviors> </behaviors> <client> <endpoint address="http://localhost/MyService" behaviorConfiguration="DisableServiceCertificateValidation" binding="wsHttpBinding" contract="MyNamespace.IMyService" name="MyServiceWsHttp" /> </client> </system.serviceModel>
一种替代解决方案是提供定制逻辑来验证服务提供的X.509证书。在这种情况下,您将必须根据以下内容修改配置文件:
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="DisableServiceCertificateValidation">
<clientCredentials>
<serviceCertificate>
<authentication certificateValidationMode="Custom"
customCertificateValidatorType="MyCertificateValidator, Client"
revocationMode="NoCheck" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<client>
<endpoint address="http://localhost/MyService"
behaviorConfiguration="DisableServiceCertificateValidation"
binding="wsHttpBinding"
contract="MyNamespace.IMyService"
name="MyServiceWsHttp" />
</client>
</system.serviceModel>
然后创建一个从X509CertificateValidator派生的类以实现您的自定义验证逻辑。
public class MyCertificateValidator : X509CertificateValidator
{
public override void Validate(X509Certificate2 certificate)
{
// Add custom validation logic
// Throw an exception to fail validation
}
}
和往常一样,您可以在MSDN上找到a more detailed example。
这里是支持SSL的示例绑定配置:
<bindings>
<basicHttpBinding>
<binding name="SecureTransport">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
您的端点配置将如下所示:
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="SecureTransport"
contract="MyServices.IWebService" />