WCF security: The service certificate is not provided. Specify a service certificate in ServiceCredentials

Date: 2014-10-13 14:49:09

Tags: wcf ssl-certificate x509certificate wcf-security

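I have implemented a WCF service with custom validation by overriding 'UserNamePasswordValidator' and using message security. There is no certificate on my development machine, but there is an SSL certificate in the LIVE environment. So I hosted the service on the LIVE server, but I am still getting the error below: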

    'The service certificate is not provided. Specify a service certificate in ServiceCredentials'

    <system.serviceModel>
        <behaviors>
          <serviceBehaviors>
            <behavior name="customBehavior">
              <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
              <serviceDebug includeExceptionDetailInFaults="true" />
              <serviceCredentials>
                <userNameAuthentication 
                  userNamePasswordValidationMode="Custom" 
                  customUserNamePasswordValidatorType="Myassembly.UserNameValidator,Myservice"/>
                <serviceCertificate findValue="MyCertName" storeLocation="CurrentUser" storeName="TrustedPeople" x509FindType="FindBySubjectName" />
              </serviceCredentials>
            </behavior>
          </serviceBehaviors>
        </behaviors>

        <bindings >
          <wsHttpBinding>
            <binding name="RequestUserName" >
              <security mode="Message">
                <message clientCredentialType="Certificate"/>
              </security>
            </binding>
          </wsHttpBinding>
        </bindings>

        <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" minFreeMemoryPercentageToActivateService="0" />

        <services>
          <service name="CRMServices" behaviorConfiguration="customBehavior">
            <!--For basic http binding endpoint-->
            <endpoint address="" binding="wsHttpBinding" 
                      bindingConfiguration="RequestUserName"
                      contract="ICRMServices">
              <!--<identity>
                <dns value="localhost" />
              </identity>-->
            </endpoint>
            <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
            <host>
              <baseAddresses>

              </baseAddresses>
            </host>
          </service>
        </services>
    </system.serviceModel>

I have applied SSL to the deployed WCF service, but when I try to access the hosted URL it gives a '404', and the Event Viewer shows:

    InvalidOperationException
    Cannot find the X.509 certificate using the following search criteria: StoreName 'TrustedPeople', StoreLocation 'CurrentUser', FindType 'FindBySubjectName', FindValue 'Mycert'. at System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(StoreName storeName, StoreLocation storeLocation, X509FindType findType, Object findValue, EndpointAddress target, Boolean throwIfMultipleOrNoMatch

Please help me.

1 answer:

Answer 0 (score: 1)

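The certificate cannot be found. You specified:

    <serviceCertificate findValue="MyCertName" storeLocation="CurrentUser" storeName="TrustedPeople" x509FindType="FindBySubjectName" />

So it looks for a certificate with MyCertName in the Subject, in TrustedPeople in the CurrentUser store. When you run the WCF service in Visual Studio, it runs under your account, so in that case CurrentUser works fine. But when you deploy the service on IIS, it runs under the application pool user (by default it is the IIS APPPOOL\DefaultAppPool user).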

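I would

  • Check where the certificate you want to use is located (in which store). I bet it is in the LocalMachine\Personal store. You can use mmc to check.
  • If I could choose where to put the service certificate, it would be LocalMachine\Personal. I would set access permissions on the certificate's private key for the application pool user the service runs under. This can be done in mmc.
  • I would choose x509FindType="FindByThumbprint" as my search criteria. You can be pretty sure there is only one certificate in the store.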
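
One way to carry out the first check from the answer above without mmc, as an added example that is not part of the original post: it runs the same FindBySubjectName lookup across the CurrentUser and LocalMachine stores and prints a thumbprint-based `<serviceCertificate>` element for matches in LocalMachine\Personal (store name `My`). The subject `MyCertName` comes from the question; the set of stores searched is an assumption.

```powershell
# Added example, not from the original post.
# Repeats the <serviceCertificate> lookup in several stores to show where the
# certificate actually lives. "CurrentUser" is the store of whoever runs this
# script, which is not the IIS application pool identity.
param(
    [string]$SubjectName = 'MyCertName'   # findValue from the question's config
)

$ns        = 'System.Security.Cryptography.X509Certificates'
$findType  = [System.Security.Cryptography.X509Certificates.X509FindType]::FindBySubjectName
$openFlags = [System.Security.Cryptography.X509Certificates.OpenFlags]::ReadOnly

$hits = foreach ($location in 'CurrentUser', 'LocalMachine') {
    foreach ($name in 'My', 'TrustedPeople') {      # 'My' is the Personal store
        $loc   = [System.Security.Cryptography.X509Certificates.StoreLocation]$location
        $store = New-Object "$ns.X509Store" -ArgumentList $name, $loc
        try {
            $store.Open($openFlags)
            # validOnly = $false: list the certificate even if its chain does not validate
            foreach ($cert in $store.Certificates.Find($findType, $SubjectName, $false)) {
                [pscustomobject]@{
                    StoreLocation = $location
                    StoreName     = $name
                    Subject       = $cert.Subject
                    Thumbprint    = $cert.Thumbprint
                    NotAfter      = $cert.NotAfter
                    HasPrivateKey = $cert.HasPrivateKey
                }
            }
        }
        finally { $store.Close() }
    }
}

if (-not $hits) {
    Write-Warning "No certificate with '$SubjectName' in its subject was found in the searched stores."
    return
}
$hits | Format-Table -AutoSize

# HasPrivateKey only says a key is associated with the certificate; the service
# account still needs read permission on that key (set in mmc, as the answer says).
$hits | Where-Object { $_.StoreLocation -eq 'LocalMachine' -and $_.StoreName -eq 'My' -and $_.HasPrivateKey } |
    ForEach-Object {
        '<serviceCertificate findValue="{0}" storeLocation="LocalMachine" storeName="My" x509FindType="FindByThumbprint" />' -f $_.Thumbprint
    }
```

A match that shows up only under CurrentUser explains the Event Viewer error: the application pool identity has its own CurrentUser store and never sees that certificate.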