WCF:启用TLS 1.2并禁用SSL后无法连接到服务
我们正在升级 产品使用TLS 1.2版本。为此,我们将所有项目从.net 4.6.2升级到.net 4.7.2版本,并将
升级为。
我看到一个问题,特定于打开频道时的WCF服务" (proxy as ICommunicationObject )。Open(); "
我的代码中已经有了这个:
// https://docs.microsoft.com/en-us/dotnet/framework/whats-new/#wcf47AppContext.SetSwitch("Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols",
false);
AppContext.SetSwitch("Switch.System.Net.DontEnableSchUseStrongCrypto",
false);
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;
例外:
由于身份验证失败,无法满足安全令牌请求。
The request for security token could not be satisfied because authentication failed.
该服务未对来电者进行身份验证。
The caller was not authenticated by the service.
我使用证书(包括客户端和服务器)进行身份验证
Security.Message.ClientCredentialType = MessageCredentialType.Certificate;
请帮助!
Kindly help!
修复了以下问题:
Fixed the issue after having:
Client Side:
b.Security.Message.EstablishSecurityContext = false ;
b.Security.Message.NegotiateServiceCredential = false ;
b.Security.Message.EstablishSecurityContext = false; b.Security.Message.NegotiateServiceCredential = false;
服务器端:
Server side:
<message clientCredentialType="Certificate" establishSecurityContext="false" negotiateServiceCredential="false"/>
https://blogs.msdn.microsoft.com/dsnotes/2017/04/13/wcf-message-security-limitation-with-tls-1-2-protocol/