A.makecert -sr localmachine -ss My -n CN=TopupProxyServer -sky exchange -pe -r B.检索证书的指纹 ,证书名TopupProxyServer C.设置 wsHttpBinding.binding的security mode为TransportWithMessageCredential;clientCredentialType为UserName
<binding name="WSHttpBinding_ITerminalHandler" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="12000000" maxReceivedMessageSize="12000000" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="false" allowCookies="false"> <readerQuotas maxDepth="32" maxStringContentLength="12000000" maxArrayLength="12000000" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" /> <security mode="TransportWithMessageCredential"> <!--<transport clientCredentialType="None" />--> <message clientCredentialType="UserName" /> </security> </binding>
D.设置<services>下的 service的binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_ITerminalHandler",注意如果是https的话, 那么<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>里面的binding应该是"mexHttpsBinding"
<service behaviorConfiguration="ACS.AFC.DeferredTopup.Proxy.TerminalHandlerBehavior" name="ACS.AFC.DeferredTopup.Proxy.TerminalHandler"> <endpoint address="" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_ITerminalHandler" contract="ACS.AFC.DeferredTopup.Proxy.ITerminalHandler"> <identity> <dns value="localhost" /> </identity> </endpoint> <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/> <host> <baseAddresses> <add baseAddress="https://localhost:444/"/> </baseAddresses> </host> </service>
E.设置behavior 注意<serviceMetadata httpsGetEnabled="true" />里面使用的是httpsGetEnabled
<behavior name="ACS.AFC.DeferredTopup.Proxy.TerminalHandlerBehavior"> <serviceAuthorization principalPermissionMode="Custom"> <authorizationPolicies> <add policyType="ACS.AFC.HostSecurityModule.AuthorizationPolicy, ACS.AFC.HostSecurityModule" /> </authorizationPolicies> </serviceAuthorization> <serviceThrottling maxConcurrentCalls="200" maxConcurrentSessions="200" maxConcurrentInstances="200" /> <serviceMetadata httpsGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="true" /> <serviceCredentials> <clientCertificate> <authentication certificateValidationMode="None" /> </clientCertificate> <serviceCertificate findValue="TopupProxyServer" storeLocation="LocalMachine" x509FindType="FindBySubjectName" /> <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="ACS.AFC.HostSecurityModule.CustomUsernamePasswordValidator,ACS.AFC.HostSecurityModule" /> </serviceCredentials> </behavior>