I have a WCF web service that works perfectly with an http address, but since then I've needed to make sure it works over https.
Because I am using IIS 7, the process was pretty easy to get the web site https binding up and running using this guide here
I opened up a browser, and got the usual security prompts, but everything worked fine after I added the exception.
I then decided to install the certificate because the certificate is local host, the server and client are the same machine - and let the wizard, automatically detect the location.
I went back to my WCF CLIENT code, this is the client that calls the web services hosted in IIS (now https) and changed the binding in 2 places.
Ran the code and then got this error:
"Could not establish trust relationship for the SSL/TLS secure channel with authority 'localhost'."
Lastly I went back into IIS and under SSL settings, changed the setting to accept client certificates, and tried required checked or not, both times same error is produced.
Any idea how to fix this?
Update: Issue 1 fixed - this was because the certificate was issued to machine_name and I was using localhost in the configuration.
Now that this works I am getting another issue:
"There was no endpoint listening at https://[machine_name]/Downloads.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details."
Inner exception = "The remote server returned an error: (404) Not Found."
Checked the web.config of the IIS site, and changed the DNS bindings to localhost.
Still having fun with this, but according to Microsoft, this is exactly why WCF should be good, because it separates the transport from the coding logic, but so far I have to tell you, it seems really complicated.
Update
Turned off Windows Firewall, did not help...
Here is my binding in web.config
<basicHttpBinding>
  <binding name="IncreasedTimeout"
           closeTimeout="12:00:00" openTimeout="12:00:00"
           receiveTimeout="12:00:00"
           maxReceivedMessageSize="1000000"
           sendTimeout="12:00:00">
    <security>
      <transport></transport>
    </security>
  </binding>
</basicHttpBinding>
Go to Central Administration =>Security =>Manage Trust. In the ribbon interface, go to Trust Relationships Tab =>Manage group =>Click on New button. In the Root Certificate to trust relationship section, click on Browse. Select the certificate that we have exported.
A common reason you may receive the error "Could not establish trust relationship for the SSL/TLS secure channel" is because the SSL certificate isn't trusted. If the SSL certificate is not trusted, you will need to install the SSL certificate's root certificate.
An SSL certificate is a digital certificate that authenticates a website's identity and enables an encrypted connection. SSL stands for Secure Sockets Layer, a security protocol that creates an encrypted link between a web server and a web browser.
You most likely need to add explicit base addresses for both protocols so WCF knows you want to bind to both. Try adding this to your <service> definition:
<host>
  <baseAddresses>
    <add baseAddress="http://your-hostname-here/" />
    <add baseAddress="https://your-hostname-here/" />
  </baseAddresses>
</host>
Also, make sure you're accessing the service via the machine's WINS/DNS name or you need to add an explicit host header to the web site instance under IIS.
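Added example, not part of the original question or answer: the binding from the question leaves <security> without a mode, and basicHttpBinding defaults to mode="None", which exposes the endpoint over http only and is a common cause of the 404 / "no endpoint listening" error on the https address. The service-side fragment below shows that setting corrected; the service, contract and behavior names (MyCompany.Downloads, MyCompany.IDownloads, HttpsMetadata) are placeholders assumed for illustration.

```xml
<!-- Added example: service-side web.config fragment. Names are placeholders. -->
<system.serviceModel>
  <bindings>
    <basicHttpBinding>
      <binding name="IncreasedTimeout"
               closeTimeout="12:00:00" openTimeout="12:00:00"
               receiveTimeout="12:00:00" sendTimeout="12:00:00"
               maxReceivedMessageSize="1000000">
        <!-- Weak/default form: <security> with no mode attribute means
             mode="None", so the endpoint is not offered over https. -->
        <security mode="Transport">
          <!-- "None" = the client presents no certificate. Use "Certificate"
               only if clients are meant to authenticate with one. -->
          <transport clientCredentialType="None" />
        </security>
      </binding>
    </basicHttpBinding>
  </bindings>

  <services>
    <!-- name must match the service class behind Downloads.svc (placeholder). -->
    <service name="MyCompany.Downloads" behaviorConfiguration="HttpsMetadata">
      <!-- bindingConfiguration ties the endpoint to the Transport-secured
           binding above; without it the default (unsecured) binding is used. -->
      <endpoint address=""
                binding="basicHttpBinding"
                bindingConfiguration="IncreasedTimeout"
                contract="MyCompany.IDownloads" />
      <!-- Metadata over https instead of mexHttpBinding. -->
      <endpoint address="mex"
                binding="mexHttpsBinding"
                contract="IMetadataExchange" />
    </service>
  </services>

  <behaviors>
    <serviceBehaviors>
      <behavior name="HttpsMetadata">
        <!-- Serve the WSDL over https only. -->
        <serviceMetadata httpsGetEnabled="true" httpGetEnabled="false" />
      </behavior>
    </serviceBehaviors>
  </behaviors>
</system.serviceModel>
```

The client's binding needs the same security mode="Transport", and its endpoint address must use the host name the certificate was issued to (https://[machine_name]/Downloads.svc in the question), not localhost.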