当前位置: 动力学知识库 > 问答 > 编程问答 >

ssl - HTTPS between Azure Service Fabric services

问题描述:

I have the following scenario:

  1. A stateless service with a self-hosted OWIN WebApi. This provides a RESTful client-facing api.
  2. A stateful service, again with a self-hosted OWIN WebApi.
  3. After locating the correct stateful service partition, the stateless service calls into stateful service to access state. It does so via HTTP/HTTPS into the WebApi.

This configuration works fine running on the local cluster and an Azure cluster over HTTP. I'm running into problems though with HTTPS.

Using a self-signed cert I'm able to use HTTPS between the client and the stateless front-end service. However, I can't seem to get the configuration quite right to allow the stateless service to communicate with the stateful service over HTTPS.

I get an exception when the stateless service makes the request to the stateful service. "The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel." That has an inner exception of "The remote certificate is invalid according to the validation procedure".

I'm a bit fuzzy on security on service fabric, but have read through several articles, SO posts, blogs, etc. on the subject.

Here are my questions:

  1. At a high level, what is the proper way to secure interservice communication in my scenario?
  2. Is a self-sign cert supported in this scenario?

网友答案:

Are the two services in the same cluster? If so, why not just call the stateful service from the stateless one using ServiceProxy?

You can use a self-signed certificate - the error you're seeing is not specific to Service Fabric. There are several ways to bypass it (although obviously it's not recommended to do that in production). Take a look at this SO question: C# Ignore certificate errors?

分享给朋友:
您可能感兴趣的文章:
随机阅读: