WCF over HTTPS and Signing the body

后端未结

关注

 1  780

再見小時候 2021-02-10 03:12

I\'ve got a SOAP service I want to connect to. It needs to be accessed trough https and it needs to have it\'s body signed by a certificate.

I\'ve tried the following co

1条回答

余生分开走 (楼主)

2021-02-10 03:24

Fixed it using this customBinding instead of the basicHttpBinding.

        //Setup custom binding with HTTPS + Body Signing + Soap1.1
        CustomBinding binding = new CustomBinding();

        //HTTPS Transport
        HttpsTransportBindingElement transport = new HttpsTransportBindingElement();

        //Body signing
        AsymmetricSecurityBindingElement asec = (AsymmetricSecurityBindingElement)SecurityBindingElement.CreateMutualCertificateBindingElement(MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10);
        asec.SetKeyDerivation(false);
        asec.AllowInsecureTransport = true;
        asec.IncludeTimestamp = true;

        //Setup for SOAP 11 and UTF8 Encoding
        TextMessageEncodingBindingElement textMessageEncoding = new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8);

        //Bind in order (Security layer, message layer, transport layer)
        binding.Elements.Add(asec);
        binding.Elements.Add(textMessageEncoding);
        binding.Elements.Add(transport);

It seems that TransportWithMessageCredential only uses the Transport for security and ignores everything else.

0 讨论(0)