问题
I run WCF service exposes API on local machine (https://localhost:8080/MyApi), self signed SHA-256 certificate registered on local machine, executed "netsh http add sslcert ipport=0.0.0.0:8080 certhash=... appid=..." and when browsing to https://localhost:8080/MyApi from Chrome it shows ERR_CONNECTION_RESET.
Now the funny part:
- Works fine with Chrome v41. Happened only after upgrading to Chrome v69 (and same on v71).
- Browsing from IE works well.
- Calling the API from PowerShell web-invoke works either.
- Same everything on Windows 10 works fine.
- Modifying #allow-insecure-localhost to ENABLED works on Windows 10, but not on Windows 8 Embedded.
After activating chrome logging found this:
{"params":{"net_error":-101,"os_error":10054},"phase":0,"source":{"id":7810,"type":8},"time":"52598608","type":68},
{"params":{"error_lib":33,"error_reason":101,"file":"../../net/socket/socket_bio_adapter.cc","line":154,"net_error":-101,"ssl_error":1},"phase":0,"source":{"id":7810,"type":8},"time":"52598608","type":54},
Additional Chrome logging:
[8652:5036:0107/174231.775:ERROR:ssl_client_socket_impl.cc(1013)] handshake failed; returned -1, SSL error code 1, net_error -101 [8652:5036:0107/174231.793:ERROR:ssl_client_socket_impl.cc(1013)] handshake fail ed; returned -1, SSL error code 1, net_error -101 [8652:5036:0107/174231.795:ERROR:ssl_client_socket_impl.cc(1013)] handshake fail ed; returned -1, SSL error code 1, net_error -101
Do you have any idea how to make Chrome access successfully my WCF localhost server?
回答1:
How do you publish your wcf service? I would like you could post more details about your service. I followed your steps while could not reproduce your problem.
Here is my demo, wish it is useful to you.
Server (Console application,IP: 10.157.13.69).
class Program
{
static void Main(string[] args)
{
using (ServiceHost sh = new ServiceHost(typeof(MyService)))
{
sh.Opened += delegate
{
Console.WriteLine("service is ready...");
};
sh.Closed += delegate
{
Console.WriteLine("Service is closed");
};
sh.Open();
Console.ReadLine();
sh.Close();
}
}
}
[ServiceContract]
public interface IService
{
[OperationContract]
[WebGet]
string SayHello();
}
public class MyService : IService
{
public string SayHello()
{
return $"Hello, busy world\n{DateTime.Now.ToShortTimeString()}";
}
}
app.config
<system.serviceModel>
<services>
<service name="Server6.MyService" behaviorConfiguration="mybeh">
<endpoint address="" binding="webHttpBinding" contract="Server6.IService" behaviorConfiguration="rest" bindingConfiguration="mybinding" >
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"></endpoint>
<host>
<baseAddresses>
<add baseAddress="https://localhost:13060"/>
</baseAddresses>
</host>
</service>
</services>
<bindings>
<webHttpBinding>
<binding name="mybinding">
<security mode="Transport">
<transport clientCredentialType="None"></transport>
</security>
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="mybeh">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"></serviceMetadata>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="rest">
<webHttp/>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
Binding the certificate to the ip port
netsh http add sslcert ipport=0.0.0.0:13060
certhash=6e48c590717cb2c61da97346d5901b260e983850 appid={AA228B95-6613-4D58-9236-2C263AFDF231}
Result. these browser version is all V71.0
Local.
Remote mechine.
Browser.
Feel free to let me know if there is anything I can help with.
来源:https://stackoverflow.com/questions/54091805/chrome-v71-err-connection-reset-on-self-signed-localhost-on-windows-8-embedded