C# RESTService with SSL/Https

Question

RESTService를 보호하려고하는데 https를 활성화하면 ERR_CONNECTION_RESET 메시지가 나타납니다! 나는 파이어 폭스에 내 RESTService을 열 때

  Type type = pluginDto.plugin.GetType(); 

      ServiceHost oNewRESTHost = new WebServiceHost(type, new Uri[] { new Uri(sBaseAddress) }); 
      oNewRESTHost.Credentials.ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySerialNumber, ConfigDto.loadConfig(ConfigDto.CERT_SERIAL)); 

      BackendContext.Current.Log.WriteLine(String.Format("Created new service rest host '{0}'", pluginDto.plugin.Name)); 

      WebHttpBinding binding = new WebHttpBinding(); 
      binding.Security.Mode = WebHttpSecurityMode.Transport; 
      binding.TransferMode = TransferMode.Streamed; 
      binding.MaxReceivedMessageSize = 50000000; 

      foreach(Type oServiceInterface in pluginDto.plugin.getRestServiceInterface()) 
      { 
       String sRestAdress = String.Format("{0}/{1}", sBaseAddress, oServiceInterface.Name); 
       ServiceEndpoint oWebEndpoint = oNewRESTHost.AddServiceEndpoint(oServiceInterface, binding, sRestAdress); 
       oHosts.Add(oNewRESTHost); 

       var behavior = new BackendEndpointWebBehavior() 
       { 
        AutomaticFormatSelectionEnabled = false, 
        FaultExceptionEnabled = false, 
        HelpEnabled = false, 
        DefaultOutgoingRequestFormat = System.ServiceModel.Web.WebMessageFormat.Json, 
        DefaultOutgoingResponseFormat = System.ServiceModel.Web.WebMessageFormat.Json, 
        DefaultBodyStyle = System.ServiceModel.Web.WebMessageBodyStyle.Wrapped, 
       }; 
       oWebEndpoint.Behaviors.Add(behavior); 
       oNewRESTHost.Open(); 

       BackendContext.Current.Log.WriteLine(String.Format("Added endpoint '{0}'", sRestAdress)); 
      } 

이 나를 tolds이 내 코드가 RESTService를 시작하는 것입니다 여기

public void generateCert() 
    { 
     String certSerial = ConfigDto.loadConfig(ConfigDto.CERT_SERIAL); 

     X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine); 
     store.Open(OpenFlags.ReadWrite); 

     BackendContext.Current.Log.WriteLine("Search for certificate with serialnumber: " + certSerial); 

     int count = store.Certificates.Find(X509FindType.FindBySerialNumber, certSerial, false).Count; 
     if(count == 1) 
     { 
      BackendContext.Current.Log.WriteLine("Certificate found"); 
      return; 
     } 

     if(count >1) 
     { 
      BackendContext.Current.Log.WriteLine("More then one certificate found - remove all!"); 
      store.RemoveRange(store.Certificates.Find(X509FindType.FindBySerialNumber, certSerial, false)); 
     } 

     using (CryptContext ctx = new CryptContext()) 
     { 
      ctx.Open(); 



      X509Certificate2 cert = ctx.CreateSelfSignedCertificate(
       new SelfSignedCertProperties 
       { 
        IsPrivateKeyExportable = true, 
        KeyBitLength = 4096, 
        Name = new X500DistinguishedName("cn="+BackendContext.Current.Config.Hostname), 
        ValidFrom = DateTime.Today.AddDays(-1), 
        ValidTo = DateTime.Today.AddYears(10), 
       }); 
      store.Add(cert); 

      BackendContext.Current.Log.WriteLine("Create certificate with serialnumber: " + cert.SerialNumber); 
      ConfigDto.saveConfig(ConfigDto.CERT_SERIAL, cert.SerialNumber); 

     } 

     store.Close(); 
    } 

그리고 다음은

는 인증서를 생성하는 내 코드입니다 수신 된 데이터를 인증 할 수 없기 때문에 웹 사이트를로드 할 수 없습니다.

나는 인증서를 올바르게 만들지 않는다고 생각합니다.

아이디어가 있으십니까?

Answer 1

당신은 당신의 SSL 설정 (당신의 URL과 함께이 YOUR_WEB_SERVICEURL_HERE를 교체해야합니다) 확인하려면이 옵션을 사용할 수 있습니다

https://www.ssllabs.com/ssltest/analyze.html?d=[YOUR_WEB_SERVICEURL_HERE]&hideResults=on