A.makecert -sr localmachine -ss My -n CN=TopupProxyServer -sky exchange -pe -r B.检索证书的指纹 ,证书名TopupProxyServer C.设置 wsHttpBinding.binding的security mode为TransportWithMessageCredential;clientCredentialType为UserName

<binding name="WSHttpBinding_ITerminalHandler" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="12000000" maxReceivedMessageSize="12000000" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="false" allowCookies="false">      <readerQuotas maxDepth="32" maxStringContentLength="12000000" maxArrayLength="12000000" maxBytesPerRead="4096" maxNameTableCharCount="16384" />      <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />      <security mode="TransportWithMessageCredential">       <!--<transport clientCredentialType="None" />-->       <message clientCredentialType="UserName" />      </security>     </binding>

D.设置<services>下的 service的binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_ITerminalHandler",注意如果是https的话， 那么<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>里面的binding应该是"mexHttpsBinding"

<service behaviorConfiguration="ACS.AFC.DeferredTopup.Proxy.TerminalHandlerBehavior"     name="ACS.AFC.DeferredTopup.Proxy.TerminalHandler">         <endpoint address="" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_ITerminalHandler"      contract="ACS.AFC.DeferredTopup.Proxy.ITerminalHandler">      <identity>       <dns value="localhost" />      </identity>     </endpoint>     <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>      <host>       <baseAddresses>        <add baseAddress="https://localhost:444/"/>       </baseAddresses>      </host>         </service>

E.设置behavior 注意<serviceMetadata httpsGetEnabled="true" />里面使用的是httpsGetEnabled

<behavior name="ACS.AFC.DeferredTopup.Proxy.TerminalHandlerBehavior">      <serviceAuthorization principalPermissionMode="Custom">       <authorizationPolicies>        <add policyType="ACS.AFC.HostSecurityModule.AuthorizationPolicy, ACS.AFC.HostSecurityModule" />       </authorizationPolicies>      </serviceAuthorization>      <serviceThrottling maxConcurrentCalls="200" maxConcurrentSessions="200"       maxConcurrentInstances="200" />      <serviceMetadata httpsGetEnabled="true" />      <serviceDebug includeExceptionDetailInFaults="true" />      <serviceCredentials>       <clientCertificate>        <authentication certificateValidationMode="None" />       </clientCertificate>       <serviceCertificate findValue="TopupProxyServer" storeLocation="LocalMachine"        x509FindType="FindBySubjectName" />       <userNameAuthentication userNamePasswordValidationMode="Custom"        customUserNamePasswordValidatorType="ACS.AFC.HostSecurityModule.CustomUsernamePasswordValidator,ACS.AFC.HostSecurityModule" />      </serviceCredentials>     </behavior>