tags:

views:

828

answers:

1

I have a WCF web service that works perfectly with an http address, but since then I've needed to make sure it works over https.

Because I am using IIS 7, the process was pretty easy to get the web site https binding up and running using this guide here

I opened up a browser, and got the usual security prompts, but everything worked fine after I added the exception.

I then decided to install the certificate because the certificate is local host, the server and client are the same machine - and let the wizard, automatically detect the location.

I went back to my WCF CLIENT code, this is the client that calls the web services hosted in IIS (now https) and changed the binding in 2 places.

  1. Changed the address of the end point to https
  2. Changed the Security Mode to transport

Ran the code and then got this error:

"Could not establish trust relationship for the SSL/TLS secure channel with authority 'localhost'."

Lastly I went back into IIS and under SSL settings, changed the setting to accept client certificates, and tried required checked or not, both times same error is produced.

Any idea how to fix this?

Update Issue 1 fixed - this was because certificate was issued to machine_name and I was using localhost in the configuration.

Now that this works I am getting another issue:

There was no endpoint listening at https://%5Bmachine%5Fname%5D/Downloads.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details."

Inner exception = "The remote server returned an error: (404) Not Found."

Checked the web.config of the IIS site, and changed the DNS bindings to localhost.

Still having fun with this, but according to Microsoft, this is exactly why WCF should be good, because it seperates the transport from the coding logic, but so far I have to tell you, it seems really complicated.

Update

turned off windows firewall, did not help...

Here is my binding in web.config

<basicHttpBinding>
     <binding name="IncreasedTimeout" 
              closeTimeout="12:00:00" openTimeout="12:00:00"
              receiveTimeout="12:00:00"
              maxReceivedMessageSize="1000000"
              sendTimeout="12:00:00">
       <security>
         <transport></transport>
       </security>
     </binding>
</basicHttpBinding>
A: 

You most likely need to add explicit base addresses for the both protocols so WCF knows you want to bind to both. Try adding this to your <service> definition:

<host>
    <baseAddresses>
        <add baseAddress="http://your-hostname-here/" />
        <add baseAddress="https://your-hostname-here/" />
    </baseAddresses>
</host>

Also, make sure you're accessing the service via the machine's WINS/DNS name or you need to add an explicit host header to the web site instance under IIS.

Drew Marsh