Why my WSDL still shows basic http binding with the location value of http?

Question

I enabled https binding, but my WSDL has soap address of http. Any ideas why? Thanks!

<wsdl:service name="XXXX"><wsdl:port name="BasicHttpBinding_XXXXService" binding="i0:BasicHttpBinding_XXXService">
    <soap:address location="http://dev-soa-app/XXXX/XXXX/XXXService.svc"/></wsdl:port>
</wsdl:service>

Here is my web.config file:

<?xml version="1.0"?>
<configuration>

  <system.web>
    <customErrors mode="Off"/>
    <compilation debug="true" targetFramework="4.0" />
  </system.web>
  <configProtectedData>
    <providers>
      <add name="ConnStrings" type="System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" keyContainerName="ConnStrings" cspProviderName="" useMachineContainer="true" useOAEP="false"/>
    </providers>
  </configProtectedData>
  <connectionStrings configSource="ConnStrings\ConnStrings.config"/>
  <system.serviceModel>
    <services>
      <service name="XXXXService">
        <!-- Use a bindingNamespace to eliminate tempuri.org -->
        <endpoint address=""  name="XXXXService"
                  binding ="wsHttpBinding" bindingConfiguration="TransportSecurity"
                  bindingNamespace="WF.CT2.WebServices.XXXXService"
                  contract="WF.CT2.WebServices.XXXXService.SAMLService" />
        <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>
      </service>
    </services>
    <bindings>
      <wsHttpBinding>
        <binding name="TransportSecurity">
          <security mode="Transport">
            <transport clientCredentialType="None"/>
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
          <serviceMetadata httpsGetEnabled="true" httpGetEnabled ="false" />
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="false"/>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>

</configuration>

Answer 1

First of all, you should realize that the URL in the service element of the WSDL is only a hint. Your clients should not be depending on this being the correct address of the service.

Second, realize that if your service is hosted in IIS, then it is IIS which determines the address to place in that element, based on your bindings in IIS. I suspect that you have both HTTP and HTTPS enabled on the site hosting the service. You can usually switch this to just HTTPS by setting the "Require SSL" property on the SSL page in IIS Manager.