我需要为我的WCF通道设置客户端证书(例如实例,而不是从Windows证书存储中获取),但是我总是遇到异常:
System.InvalidOperationException:“对象是只读的。”
这很奇怪,因为这些属性有一个setter,但如果我分配一个X509Certificate2它就会崩溃。
堆栈跟踪
System.InvalidOperationException
HResult=0x80131509
Nachricht = Object is read-only.
Quelle = System.Private.ServiceModel
Stapelüberwachung:
at System.ServiceModel.Security.X509CertificateRecipientClientCredential.ThrowIfImmutable()
at System.ServiceModel.Security.X509CertificateRecipientClientCredential.set_DefaultCertificate(X509Certificate2 value)
代码
var binding = new BasicHttpsBinding();
var endpoint = new EndpointAddress(new Uri("https://myservice.com"));
var channelFactory = new ChannelFactory<MyService>(binding, endpoint);
var serviceClient = channelFactory.CreateChannel();
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
var token = GetToken(); // Just an method that reads a pfx from disk
channelFactory.Credentials.
ServiceCertificate.DefaultCertificate = token.Certificate; // throws exception
channelFactory.Credentials.
ClientCertificate.Certificate = token.Certificate; // throws exception too
更新1
SetCertificate
方法会抛出相同的异常:System.InvalidOperationException: "Object is read-only."
using (X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser))
{
store.Open(OpenFlags.ReadWrite);
var x509Certificate2Collection = store.Certificates.Find(X509FindType.FindByThumbprint, token.Certificate.Thumbprint, false);
if(x509Certificate2Collection.Count == 0)
store.Add(token.Certificate);
}
channelFactory.Credentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My,X509FindType.FindByThumbprint, token.Certificate.Thumbprint);
更新2
X509CertificateRecipientClientCredential.cs 的实现非常有趣。
public X509Certificate2 DefaultCertificate
{
get
{
return _defaultCertificate;
}
set
{
ThrowIfImmutable();
_defaultCertificate = value;
}
}
internal void MakeReadOnly()
{
_isReadOnly = true;
this.Authentication.MakeReadOnly();
if (_sslCertificateAuthentication != null)
{
_sslCertificateAuthentication.MakeReadOnly();
}
}
private void ThrowIfImmutable()
{
if (_isReadOnly)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.Format(SR.ObjectIsReadOnly)));
}
}
有些东西在调用internal void MakeReadOnly()
,让我的生活变得更加困难。
GetToken()
是什么?请阅读 [ask] 并 [edit] 您的问题以包括 [mcve]。 - Camilo Terevintovar
替换为GetToken()所在行上的实际类型,这将有很大帮助。 - H H