views:

360

answers:

1

Hi everybody

We are currently migrating a WCF service from IIS 6 to IIS 7. The service contains some non-SSL endpoints for internal streaming purposes and some exposed endpoints secured with SSL.

The public, secure endpoints are implemented using wsHttpBinding and security mode="TransportWithMessageCredential". The binding reads as follows:

<wsHttpBinding>
  <binding name="CustomSecurityBinding">
    <security mode="TransportWithMessageCredential">
      <message clientCredentialType="UserName" />
    </security>
  </binding>
</wsHttpBinding>

The credentials are authenticated against a custom user repository for validation.

After deploying the service to IIS 7 (64bit Win2k8), all services (basicHttpBindings) respond correctly, expect for the wsHttpBindings. If triggered using https, we always get a HTTP 400 status code (Bad Request).

After enabling tracing in IIS, we could kinda narrow down the problem, although the message from the trace did not really help:

MODULE_SET_RESPONSE_ERROR_STATUS Warning
ModuleName="ManagedPipelineHandler", Notification="EXECUTE_REQUEST_HANDLER",
HttpStatus="400", HttpReason="Bad Request", HttpSubStatus="0", ErrorCode="Der
Vorgang wurde erfolgreich beendet. (0x0)", ConfigExceptionInfo="" 

Steps done so far:

  • re-installed WCF extensions in IIS 7 (ServiceModelReg.exe -r -y)
  • enabled https protocol for host, added self-signed certificate to host
  • played around with dns/identity setting in wcf configuration
  • added a base address to wcf service config

After 2 hours of googling and trying to make this work, i ask you as a last resort of hope: Does anybody know this strange behaviour of IIS 7?

A: 

Have you verified that the SSL binding is configured in applicationHost.config (%windir%\system32\inetsrv\config\schema\IIS_Schema.xml) and that the HTTP.sys store contains a valid certificate has and store name for the binding? Secondly, the true error could be masked by the 400 error, have you tried altering your wsHttpBinding in configuration to increase the maxBufferPoolSize and maxReceivedMessageSize to some extremely high values and see if this continues?

RandomNoob
How can i check for the SSL binding inside applicationHost.config? I searched for ssl inside the xml file, but only found irrelevant settings.The certificate is installed correctly, setting maxReceivedMessageSize="2147483647" maxBufferPoolSize="2147483647" on the wsHttpBinding still leads to HTTP 400.0 status code.
schaermu
Do you see a <sites> section? There should be a bindings section within it, inside bindings there should be a protocol which should have https
RandomNoob
thanks alot, binding was missing :) working like a charm now!
schaermu