Does setting Security Mode = Transport automatically make it secure in a HTTPS web service?

Question

I have a web service and we're currently hosting it in a HTTPS site.

My binding is this.

  <wsHttpBinding>
    <binding maxReceivedMessageSize="2000000" >
      <readerQuotas  maxStringContentLength="2147483647"   />
      <security mode="Transport">
      </security>
    </binding>
  </wsHttpBinding>

And it seems to work well. But my main aim is to make sure the web service requests and responses are encrypted. I don't know much about web services but is that all there is to it?

Just use HTTPS and put this line in your configuration?

  <security mode="Transport">
  </security>

Or is there more to it? How can I know if the message's sent are encrypted or not?

Answer 1

Yes that's all. The mode Transport demands transport level security which in your case means HTTPS. If you want to see that messages are encrypted you must use some network monitoring tool (Fiddler, WireShark, etc.)