Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

WCF SSL endpoint address is not HTTPS

Tags:

ssl

wcf

Im trying to host my SSL WCF service locally on my PC (IIS 7) and for some reason i cant connect to it. What i need is to use SSL and send in credntials to authenticate the user before calling some function.

When i connect to it, i get There was no endpoint listening at https://[computer name]/YYY.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.

the inner message is The remote server returned an error: (404) Not Found.

What i have noticed is that when i access the WSDL (hosted over https) the endpoint address is not http*S* and i think that is why my service is probably failing.

here is part of my WSDL

<wsdl:service name="WSNAME">
<wsdl:port name="WSHttpBinding_INams" binding="tns:WSHttpBinding_INams">
 <soap12:address location="http://[computer name]/YYY.svc" /> 
  <wsa10:EndpointReference>
    <wsa10:Address>http://[computer name]/YYY.svc</wsa10:Address> 
     <Identity xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity">
       <Spn>host/[computername]</Spn> 
     </Identity>
 </wsa10:EndpointReference>

This is my service config file

 <service behaviorConfiguration="test" name="NewServiceType">
    <endpoint address="https://[computer name]/YYY.svc" binding="wsHttpBinding"
      bindingConfiguration="WsBinding" name="WS" contract="Authentication2.INams" />
    <endpoint address="mex" binding="mexHttpBinding" name="MX" contract="IMetadataExchange" />
    <host>
      <baseAddresses>
        <add baseAddress="https://[computer name]/XXX.svc" />
      </baseAddresses>
    </host>

can anyone point out what am i doing wrong?

my web.config

   <system.serviceModel>
<protocolMapping>
  <remove scheme="http" />
  <add scheme="http" binding="wsHttpBinding" />
</protocolMapping>
<bindings>
  <wsHttpBinding>
    <binding name="wsbinding">
      <security mode="TransportWithMessageCredential">
        <transport proxyCredentialType="Basic" />
        <message clientCredentialType="UserName" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
<services>
  <service name="NewServiceType">
    <endpoint address="/WS" binding="wsHttpBinding"
      bindingConfiguration="wsbinding" name="WS" contract="Authentication3.IService1" />

    <endpoint address="mex" binding="mexHttpBinding" bindingConfiguration=""
      name="MX" contract="IMetadataExchange" />
  </service>
</services>
<behaviors>
  <serviceBehaviors>
    <behavior name="">
      <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"
        httpsGetUrl="https://[computerName]/Service1.svc" />
      <serviceDebug includeExceptionDetailInFaults="false" />
    </behavior>
  </serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="false" />

like image 695
biso Avatar asked Aug 13 '12 16:08

biso


2 Answers

FOUND IT !!

WCF service returns 404 over https but not http

the problem is that my service element name was what the editor adds by default "MyNewService" or whatever the default name is. You HAVE to use the fully qualified name..

<services>
  <service name="[Namespace].[service class name]">

This cost me over 2 long days of constant work and research. If this works for you, please vote that guys answer up - NO ONE has ever mentioned this point .. i couldnt because im still new

like image 192
biso Avatar answered Oct 09 '22 07:10

biso


Your endpoint has a bindingConfiguration attribute defined of WsBinding. There should be a section of the web.config that defines this configuration, including the security mode to be used (presumably transport or transportWithMessageCredential if you want to use SSL).

For example:

<bindings>
  <wsHttpBinding>
    <binding name="WsBinding">
       <security mode="Transport">
         <transport clientCredentialType="Windows" />
       </security>
    </binding>
  </wsHttpBinding>
</bindings>

Additionally you'll need to configure IIS with a binding listening on 443, referencing an appropriately named SSL certificate.

For a credential type of windows:

This corresponds to integrated Windows authentication in IIS. When set to this value, the server is also expected to exist on a Windows domain that uses the Kerberos protocol as its domain controller. More details on this on the MSDN WCF transport security page

Alternatively you can use TransportWithMessageCredential. This uses SSL to encrypt the connection, and the credentials are passed in the message itself (effectively username and password in the SOAP header). In that case your binding configuration looks more like:

       <security mode="TransportWithMessageCredential">
         <transport clientCredentialType="None" />
         <message clientCredentialType="Username" />
       </security>

You then need to define a password validator behavior on the service to check the user and password. Here's some more info on that: http://msdn.microsoft.com/en-us/library/aa354508.aspx

like image 30
Kris C Avatar answered Oct 09 '22 07:10

Kris C