Re: WCF Message Security su sertifikatais [rl @ 2011-05-05 15:26:21]

Tema: Re: WCF Message Security su sertifikatais
Autorius: rl
Data: 2011-05-05 15:26:21
Cia kaip suprantu ta pati sertifikata nori naudoti ir ant kliento ir ant 
serverio ir viska leisti per HTTP?

Nu tai ant serverio sudedi sertifikata i Local Computer storage'a ir 
confige nurodai kad ji naudotu: <behavior> 
<serviceCredentials><serviceCertificate...StoreLocation/StoreName/Name

Ant kliento isideti i Local Computer arba Current User storage'a ir 
nurodai kad ji naudotu: <behavior><clientCredentials> 
<clientCertificate...StoreLocation/StoreName/Name

Na ir jei neveikia - tai rasyk kokia klaida meta....
Gal tu idedi sertifikatus i viena vieta, bet nurodai kad imtu is kitos...

On 2011.05.05 14:58, Sabotage wrote:
> <security mode="Message">
>
> <message clientCredentialType="Certificate"
> negotiateServiceCredential="false" establishSecurityContext="false" />
>
> </security>
>
> "rl"<ask@me.for>  wrote in message news:ipu0im$isc$1@trimpas.omnitel.net...
>> Pradziai kas pas tave config'e ant servo?
>>
>> <security mode=?
>> <transport clientCredentialType=?
>> <message clientCredentialType=?
>> </security>
>>
>>
>> On 2011.05.05 13:41, Sabotage wrote:
>>> Pirmiausia noriu ishsiaiskinti ar gerai suinstaliavau sertifikatus. Su
>>> sertifikatais nesu dirbes, todel galiu daryti kokia elementaria klaida.
>>>
>>> Zodziu situacija tokia:
>>>
>>> .NET Framework 4
>>> WCF servisas hostinamas Win 2003 serveryje IIS 6.0
>>> WCF klientas mano desktop
>>>
>>> Kaip suprantu WCF Message Security reikia
>>>
>>> 1) Serverio sertifikata su private key suinstaliuoti ant serverio
>>> 2) Serverio sertifikato public key suinstaliuoti ant kliento (mano
>>> desktopas)
>>> 3) Kliento sertifikata su private key suinstaliuoti ant kliento  (mano
>>> desktopas)
>>> 4) Kliento sertifikato public key suinstaliuoti ant serverio
>>>
>>> (saltinis http://www.codeproject.com/KB/WCF/wcf_certificates.aspx
>>>
>>> a.. Created a client certificate on the client machine
>>> a.. Installed the client certificate's public key on the server machine
>>> a.. Created a server certificate on the server machine
>>> a.. Installed the server certificate's public key on the client machine
>>> )
>>>
>>> Turiu signed sertifikata is Verisign.
>>>
>>> Serveryje ji suinstaliavau i Certificates (Local Computer)>   Personal
>>> Eksportavau sertifikata be private key ir suinstaliavau ant kliento
>>> Certificates (Current User)>   Personal
>>> Po to suinstaliavau ta pati sertifikata su private key ant kliento
>>> Certificates (Current User)>   Trusted People
>>> Vel eksportavau sertifikata be private key ir suinstaliavau ant serverio
>>> Certificates (Current User)>   Trusted People
>>>
>>> Gal zinai ar teisingai paguldziau visus tuos sertifikatus?  Bandant
>>> leisti
>>> serviso metoda gaunu exceptiona, bet google neradau sprendimo.
>>>
>>> "rl"<ask@me.for>   wrote in message
>>> news:iptqqn$9c1$1@trimpas.omnitel.net...
>>>> Transport Security dares su client sertifikatais. O siaip tai ten
>>>> didelio
>>>> skirtumo nera...
>>>>
>>>> On 2011.05.05 11:16, Sabotage wrote:
>>>>> Sveiki,
>>>>>
>>>>> gal kas yra dare subj? Turiu keleta klausimu del konfiguracijos..
>>>>>
>>>>>
>>>
>>>
>
>