J'ai suivi les pages ci-dessous pour essayer de mettre en place la sécurité de transport WCF avec des certificats clients sur ma machine de développement (ma machine sert donc à la fois de client et de serveur). Sécurité du transport WCF à l'aide de certificats clients
http://msdn.microsoft.com/en-us/library/ff648498.aspx
http://msdn.microsoft.com/en-us/library/ff650751.aspx
Mon environnement est Visual Studio 2008 sous Windows 7 avec IIS 7.5. Tout semble bien se passer jusqu'au moment où j'envoie une requête au serveur, soit en ouvrant IE et en naviguant vers l'un de mes fichiers .svc, soit en exécutant mon application cliente Windows Forms .NET et en appelant le service ; je reçois alors l'erreur suivante :
Erreur HTTP 403.7 - Interdit
La page à laquelle vous tentez d'accéder exige que votre navigateur dispose d'un certificat client SSL (Secure Sockets Layer) reconnu par le serveur Web.
fichier de configuration du serveur:
<!-- Server side: a wsHttpBinding secured at the transport (HTTPS) layer, where
     the caller is authenticated by an X.509 client certificate. -->
<bindings>
  <wsHttpBinding>
    <!-- Both quotas are set to 2147483647 (Int32.MaxValue), so there is no
         practical cap on the size of a message this binding will accept.
         NOTE(review): consider bounding them to the largest payload the
         services really need, to limit memory pressure from oversized requests. -->
    <binding name="CertificateWithTransport"
             maxBufferPoolSize="2147483647"
             maxReceivedMessageSize="2147483647">
      <security mode="Transport">
        <!-- With transport security the client certificate is negotiated in the
             TLS handshake, before the request reaches WCF.
             NOTE(review): under IIS the site's SSL settings must therefore also
             require or accept client certificates, and the server must trust the
             certificate's issuer; an HTTP 403.7 response points at that layer
             rather than at this binding. Confirm against the IIS configuration. -->
        <transport clientCredentialType="Certificate" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
fichier de configuration du client:
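<?xml version="1.0" encoding="utf-8" ?>
<!-- Client configuration: every endpoint calls its service over HTTPS and
     authenticates with one X.509 client certificate taken from the current
     user's personal store. -->
<configuration>
  <system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <!-- The only binding configuration defined in this file; all endpoints
             below must reference it by this exact name. -->
        <binding name="CertificateWithTransport"
                 closeTimeout="00:10:00"
                 openTimeout="00:10:00"
                 receiveTimeout="00:10:00"
                 sendTimeout="00:10:00"
                 bypassProxyOnLocal="false"
                 transactionFlow="false"
                 hostNameComparisonMode="StrongWildcard"
                 maxBufferPoolSize="524288"
                 maxReceivedMessageSize="655360"
                 messageEncoding="Text"
                 textEncoding="utf-8"
                 useDefaultWebProxy="true"
                 allowCookies="false">
          <readerQuotas maxDepth="32"
                        maxStringContentLength="8192"
                        maxArrayLength="16384"
                        maxBytesPerRead="4096"
                        maxNameTableCharCount="16384" />
          <reliableSession ordered="true"
                           inactivityTimeout="00:10:00"
                           enabled="false" />
          <!-- Transport security: the channel is protected by TLS and the client
               presents a certificate during the handshake. -->
          <security mode="Transport">
            <transport clientCredentialType="Certificate" realm="" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <behaviors>
      <endpointBehaviors>
        <behavior name="clientCertificateConf">
          <!-- The certificate is looked up by thumbprint in CurrentUser\My, so it
               must be installed, with its private key, for the account that runs
               the client process.
               NOTE(review): a thumbprint pasted from the certificate dialog can
               carry an invisible leading character; retype or verify the value
               if the lookup fails. The server must also trust the issuer of this
               certificate. -->
          <clientCredentials>
            <clientCertificate findValue="32 52 dc 36 e1 95 fb be 4e 3c f6 a6 92 13 53 f4 b5 32 47 45"
                               storeLocation="CurrentUser"
                               storeName="My"
                               x509FindType="FindByThumbprint" />
          </clientCredentials>
          <!-- Disabled alternative: select the same store entry by subject
               distinguished name instead of by thumbprint. -->
          <!--<clientCredentials>
            <clientCertificate findValue="CN=localhostclient"
                               storeLocation="CurrentUser"
                               storeName="My"
                               x509FindType="FindBySubjectDistinguishedName" />
          </clientCredentials>-->
          <!-- 2147483647 is Int32.MaxValue: no practical limit on the number of
               objects deserialized from a single response.
               NOTE(review): consider lowering it to what the contracts need. -->
          <dataContractSerializer maxItemsInObjectGraph="2147483647" />
        </behavior>
      </endpointBehaviors>
    </behaviors>
    <client>
      <!-- All endpoints share the CertificateWithTransport binding and the
           clientCertificateConf behavior, so each call goes over HTTPS with the
           client certificate attached. -->
      <endpoint name="SourceService.wsHttp"
                address="https://localhost/Source.svc"
                binding="wsHttpBinding"
                bindingConfiguration="CertificateWithTransport"
                behaviorConfiguration="clientCertificateConf"
                contract="SourceServerReference.ISourceService" />
      <endpoint name="CommunityService.wsHttp"
                address="https://localhost/Community.svc"
                binding="wsHttpBinding"
                bindingConfiguration="CertificateWithTransport"
                behaviorConfiguration="clientCertificateConf"
                contract="CommunityServerReference.ICommunityService" />
      <endpoint name="ActivityLeadContactService.wsHttp"
                address="https://localhost/ActivityLeadContact.svc"
                binding="wsHttpBinding"
                bindingConfiguration="CertificateWithTransport"
                behaviorConfiguration="clientCertificateConf"
                contract="ActivityLeadContactServerReference.IActivityLeadContactService" />
      <endpoint name="UserService.wsHttp"
                address="https://localhost/User.svc"
                binding="wsHttpBinding"
                bindingConfiguration="CertificateWithTransport"
                behaviorConfiguration="clientCertificateConf"
                contract="UserServerReference.IUserService" />
      <endpoint name="PickListItemService.wsHttp"
                address="https://localhost/PickListItem.svc"
                binding="wsHttpBinding"
                bindingConfiguration="CertificateWithTransport"
                behaviorConfiguration="clientCertificateConf"
                contract="PickListItemServerReference.IPickListItemService" />
      <endpoint name="ProspectService.wsHttp"
                address="https://localhost/Prospect.svc"
                binding="wsHttpBinding"
                bindingConfiguration="CertificateWithTransport"
                behaviorConfiguration="clientCertificateConf"
                contract="ProspectServiceReference.IProspectService" />
      <endpoint name="ActivityLeadService.wsHttp"
                address="https://localhost/ActivityLead.svc"
                binding="wsHttpBinding"
                bindingConfiguration="CertificateWithTransport"
                behaviorConfiguration="clientCertificateConf"
                contract="ActivityLeadServiceReference.IActivityLeadService" />
      <endpoint name="ActivityReferralService.wsHttp"
                address="https://localhost/ActivityReferral.svc"
                binding="wsHttpBinding"
                bindingConfiguration="CertificateWithTransport"
                behaviorConfiguration="clientCertificateConf"
                contract="ActivityReferralServiceReference.IActivityReferralService" />
      <endpoint name="ReferralService.wsHttp"
                address="https://localhost/Referral.svc"
                binding="wsHttpBinding"
                bindingConfiguration="CertificateWithTransport"
                behaviorConfiguration="clientCertificateConf"
                contract="ReferralServiceReference.IReferralService" />
      <!-- bindingConfiguration must name a binding defined under <bindings>;
           a value with no matching <binding> makes WCF reject the configuration
           when this endpoint is used, so it references the shared
           CertificateWithTransport binding like the other endpoints. -->
      <endpoint name="LeadService.wsHttp"
                address="https://localhost/LeadService.svc"
                binding="wsHttpBinding"
                bindingConfiguration="CertificateWithTransport"
                behaviorConfiguration="clientCertificateConf"
                contract="LeadServerReference.ILeadService" />
    </client>
  </system.serviceModel>
</configuration>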
Toute aide serait grandement appréciée!