我有一个简单的WCF服务,是伟大的工作,直到我添加了证书的安全使用TCP约束力。一旦我做到了,我开始约45秒的延迟,请参阅服务之前收到的消息,并处理。使用Wireshark,它似乎有某种安全协商,然后该服务停止响应约45秒钟,终于它响应客户端和数据遇到。我删除了安全,并再次在附近的实时工作。没有任何人有任何这样的东西的经验?
这里的服务配置:
<services>
<service behaviorConfiguration="MEXGET" name="AtcSystemService.AtcSystemService">
<endpoint binding="netTcpBinding" bindingConfiguration="TcpBindingConfig" name="tcpEndpoint" contract="AtcSystemService.IAtcSystemService"/>
<endpoint kind="udpDiscoveryEndpoint"/>
<endpoint address="net.tcp://CONW-W7-PHILLP:58009" binding="netTcpBinding" bindingConfiguration="TcpLargeFileBinding" name="tcpLargeFileEndpoint" contract="AtcSystemService.IAtcStreamService"/>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
<host>
<baseAddresses>
<add baseAddress="net.tcp://CONW-W7-PHILLP:58008"/>
<add baseAddress="http://CONW-W7-PHILLP:8888"/>
</baseAddresses>
</host>
</service>
</services>
<bindings>
<netTcpBinding>
<binding name="TcpBindingConfig">
<security mode="Message">
<message clientCredentialType="Certificate"/>
</security>
</binding>
<binding name="TcpLargeFileBinding" maxReceivedMessageSize="1048576" transferMode="Streamed">
<security mode="Transport">
<transport clientCredentialType="Certificate"/>
</security>
</binding>
</netTcpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="MEXGET">
<serviceDiscovery/>
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
<serviceCredentials>
<serviceCertificate findValue="CN=AtcCert" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectDistinguishedName"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
这里是客户端代码。
{C} IAtcSystemService GetServiceProxy()
{
var myAddress = new EndpointAddress(mServiceAddress.Uri, mIdentity,
mServiceAddress.Headers,
mServiceAddress.GetReaderAtMetadata(),
mServiceAddress.GetReaderAtExtensions());
var factory = new ChannelFactory<IAtcSystemService>(mBinding, myAddress);
factory.Credentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser,
StoreName.My, X509FindType.FindBySubjectDistinguishedName,
"CN=AtcCert");
factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode
= X509CertificateValidationMode.ChainTrust;
return factory.CreateChannel();
}