WCF NetCore 跳过证书验证

Question

我正在尝试将 WCF api 与 .Net Core 2.1.2 一起使用，但我目前在认证验证方面遇到了一些问题。

主要问题是，当我在调试时，我可以向服务器发出请求。当我部署我的项目的可执行文件并在我的机器上运行时，我也可以发出请求。但是，当我将相同的可执行文件复制到接受环境时，代码会抛出异常“无法为 SSL/TLS 安全通道建立信任关系”

我的机器在验收环境之外（我使用的是 VPN）。验收机在环境内。

有什么想法吗？

谢谢！

private WSClient InstantiateProxy()
{
    WSClient accessWSClient = new WSClient(EndpointConfiguration.MIAccessPort, Configuration["AppConfiguration:Endpoint"]);

    accessWSClient.ClientCredentials.Windows.ClientCredential =
        new NetworkCredential(Configuration["AppConfiguration:Username"], Configuration["AppConfiguration:Password"]);

    ConfigureBinding(accessWSClient);

    accessWSClient.ClientCredentials.ServiceCertificate.SslCertificateAuthentication = new X509ServiceCertificateAuthentication
    {
        CertificateValidationMode = X509CertificateValidationMode.None,
        RevocationMode = X509RevocationMode.NoCheck,
    };

    return accessWSClient;
}

private static void ConfigureBinding(WSClient accessWSClient)
{
    System.ServiceModel.BasicHttpBinding binding = new System.ServiceModel.BasicHttpBinding
    {
        MaxBufferSize = int.MaxValue,
        ReaderQuotas = System.Xml.XmlDictionaryReaderQuotas.Max,
        MaxReceivedMessageSize = int.MaxValue,
        AllowCookies = true
    };

    binding.Security.Mode = System.ServiceModel.BasicHttpSecurityMode.Transport;
    binding.Security.Transport.ClientCredentialType = System.ServiceModel.HttpClientCredentialType.Windows;

    accessWSClient.Endpoint.Binding = binding;
}

Answer 1

最近遇到了同样的问题，这为我解决了（使用依赖注入）。 然后只需在启动时调用 AddWcfClient 以便为每个环境注入正确的 httpBinding。

我的情况是我在 DEV 中有 http 地址，在 PROD 中有 https 地址，所以这个人应该给你正确的 wcf 的 httpBinding 实例，不管是不是 https。

Gist here

public static class HttpBindingExtensions
{
    public static BasicHttpBinding Https => new BasicHttpBinding
    {
        MaxReceivedMessageSize = int.MaxValue,
        MaxBufferSize = int.MaxValue,
        Security = new BasicHttpSecurity()
        {
            Mode = BasicHttpSecurityMode.Transport
        }
    };
    public static BasicHttpBinding Http => new BasicHttpBinding
    {
        MaxReceivedMessageSize = int.MaxValue,
        MaxBufferSize = int.MaxValue
    };

    public static IServiceCollection AddWcfClient<I, T>(this IServiceCollection services, string key)
        where I : class
        where T : class, I
            => services.AddScoped<I>(x => GetWcfInstance<I, T>(key, x));

    private static T GetWcfInstance<I, T>(string key, IServiceProvider x) where I : class where T : class, I
    {
        var type = typeof(T);
        var ctorInfo = type.GetConstructor(new[] { typeof(BasicHttpBinding), typeof(EndpointAddress) });

        var config = (IConfiguration)x.GetService(typeof(IConfiguration));
        var instance = (T)ctorInfo?.Invoke(new object[] { config.GetHttpBinding(key), config.GetEndpointAddress(key) });
        return instance;
    }

    public static EndpointAddress GetEndpointAddress(this IConfiguration config, string key)
    {
        return new EndpointAddress(config[key]);
    }
    public static BasicHttpBinding GetHttpBinding(this IConfiguration config, string key)
    {
        return GetHttpBinding(config[key]);
    }
    public static BasicHttpBinding GetHttpBinding(string uri)
    {
        return uri.StartsWithIgnoreCase("https") ? Https : Http;
    }
}