WCF distributed development common error (24): cocould not establish trust relationship for the SSL/TLS Secure Channel with authorit

Use TransmissionSecurityMode. Certificates are used to establish SSL and host port certificates.ConfigurationAn error occurred while calling the service.
[1] error message:
Cocould not establish trust relationship for the SSL/TLS Secure Channel with authority 'computer: 100 '.
You cannot establish a trust relationship with an authorized computer as an SSL/TLS security channel.
Connection to the WCF Chinese Forum: cannot establish a trust relationship with the authorized computer for the SSL/TLS Security Channel: cocould not establish trust relationship for the SSL/TLS Secure Channel with authority 'computer: 8080'
Error:

Wcfsecuritynegotiationexception.gif (13.65 K)

8/11/2009 10:44:51

[2] configuration information:
2.1 Server Configuration:
The server sets a certificate and does not adopt Client Security Authentication. The security mode is transmission security. The server configuration information is as follows:

2. <Services>
4. <Service behaviorconfiguration = "wcfservice. wcfservicebehavior" name = "wcfservice. wcfservice">
6. <Endpoint
8. Address = "wcfservice"
10. Binding = "wshttpbinding"
12. Bindingconfiguration = "basicwithtransport"
14. Contract = "wcfservice. iwcfservice">
16. </Endpoint>
18. <Endpoint address = "mex" binding = "mexhttpsbinding" Contract = "imetadataexchange"/>
20. <Host>
22. <Baseaddresses>
24. <Add baseaddress = "https: // machine: 9001/"/>
26. </Baseaddresses>
28. </Host>
30. </Service>
32. </Services>
34. <Behaviors>
36. <Servicebehaviors>
38. <Behavior name = "wcfservice. wcfservicebehavior">
40. <Servicemetadata httpsgetenabled = "true"/>
42. <Servicedebug includeexceptiondetailinfaults = "false"/>
44. <Servicecredentials>
46. <Servicecertificate storename = "my" x509findtype = "findbysubjectname" findvalue = "wcfhttps" storelocation = "localmachine"/>
48. </Servicecredentials>
50. </Behavior>
52. </Servicebehaviors>
54. </Behaviors>
56. <Bindings>
58. <Wshttpbinding>
60. <Binding name = "basicwithtransport">
62. <Security mode = "transport">
64. <Transport clientcredentialtype = "NONE"/>
66. </Security>
68. </Binding>
70. </Wshttpbinding>
72. </Bindings>

CopyCode

2.2 client Configuration:
After the client adds a service reference, it calls the WCF Service directly by instantiating the class, and the result shows that the trust relationship cannot be established for SSL.

1. Wcfclient. clientproxy. wcfserviceclient wcfserviceproxyhttp = new wcfclient. clientproxy. wcfserviceclient ("wshttpbinding_iwcfservice ");
2. // Call the sayhello service by proxy
3. String sname = "Frank Xu Lei wshttpbinding ";
4. String sresult = string. empty;
5. Sresult = wcfserviceproxyhttp. sayhello (sname );

Copy code

[3] Problem Analysis:
Cocould not establish trust relationship for the SSL/TLS Secure Channel with authority 'computer: 100 '.
You cannot establish a trust relationship with an authorized computer as an SSL/TLS security channel.
The actual cause has a lot to do with the certificate. Here, the certificate is a certificate trusted by the certificate authority. This certificate cannot be trusted when a secure session is established between the client and the server.
Another possible cause is that you use this certificate in other domains, which may also lead to errors.
[4] solution:
3.1: Define a class to verify and process remote X.509 certificates. The return value is true. we need to define a class by ourselves, and then execute it once before the customer monotonous use of the WCF Service. The Code is as follows:

2. Public static class util
4. {
6. /// <Summary>
8. /// Sets the CERT policy.
10. /// </Summary>
12. Public static void setcertificatepolicy ()
14. {
16. Servicepointmanager. servercertificatevalidationcallback
18. + = Remotecertificatevalidate;
20. }
22. /// <Summary>
24. /// Remotes the certificate validate.
26. /// </Summary>
28. Private Static bool remotecertificatevalidate (
30. Object sender, x509certificate cert,
32. X509chain chain, sslpolicyerrors error)
34. {
36. // Trust any certificate !!!
38. System. Console. writeline ("Warning, trust any certificate ");
40. Return true;
42. }
44. }

Copy code

you must call this method before calling the operation: util. setcertificatepolicy (); sresult = wcfserviceproxyhttp. sayhello (sname);
3.2: You must install with the Certificate Authority on the client and server. Then create a trusted root certificate authority certificate. Can refer to this:
http://www.codeplex.com/WCFSecur... ringtitle = How % 20tos
[5] summary:
the second mechanism used when developing and deploying the WCF Service for Windows Server products. The certificate issued by the certificate authority. The first method of learning is normal. WCF secure development programming practices are a complex process. In addition to basic security knowledge, you must be proficient in using various certificates for production, installation, and SSL certificates. configuration and other tools . In Windows server2003, The vitsa system is quite different. In general XP system development and learning, a write service needs to be installed, and the debugging process is also cumbersome. Once a bit of configuration is incorrect, an exception occurs. Learn with patience.
references: 1. cocould not establish trust relationship for the SSL/TLS Secure Channel with authority pC1 2.wcf cocould not establish trust relationship for the SSL/sectls ure channel with authority