我目前正在开发一个WCF服务器,希望从文件/资源中加载证书,而不是从证书存储中加载,以使部署更方便。你有什么好的想法吗?
谢谢你的帮助!
谢谢你的帮助!
假设您正在使用双工信道,您可以按照以下方式从文件中加载证书:
//Load certificate file with private key
var certificate = new X509Certificate2("c:\certificate.pfx", "password");
//Configure your server by to use certificate, for example:
var host = new ServiceHost(typeof(YourService),
new Uri("Your service's uri"));
host.Credentials.ServiceCertificate.Certificate = certificate;
//configure your server to accept client's certificate , accept all
//certificate in this case, or you can assign it to the public key file
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode
= X509CertificateValidationMode.None;
//configure your client to use certificate
var channelFactory = new ChannelFactory<IYourService>();
channelFactory.Credentials.ClientCertificate.Certificate =
clientCertificate;
//configure your client to accept server's certificate,
//again, for simplicity, just accept any server's certificate
channelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode
= X509CertificateValidationMode.None;
我认为从这个点上来说,你应该没问题了。只要记住,如果你从文件加载,你必须加载由pvk2pfx.exe生成的.pfx文件,它包含私钥和公钥。否则,WCF会迷惑于在哪里查找私钥。