tags:

views:

3138

answers:

5
Q: 

WCF Http Bindings, Require SSL

I have the following binding I'm using with my wsHttpBinding webservice.

<binding name="wsHttpConfig">
  <security>
    <transport clientCredentialType="None"/>
  </security>
</binding>

The issue is that it allows for the client to connect using either Http or Https. I would like to require them to use SSL. I tried adding the following:

<system.web.extensions>
  <scripting>
    <webServices>
      <authenticationService enabled="true" 
         requireSSL = "true"/>
    </webServices>
  </scripting>
</system.web.extensions>

But it had no effect; client could still connect with Http. I then tried checking the "Require SSL" in the IIS7 SSL Settings and had client certificates radio set to Accept. Now, when I try to view the service I am getting the error "Could not find a base address that matches scheme http for the endpoint with binding WSHttpBinding. Registered base address schemes are [https]."

Anyone know exactly how to fix this error? I have been googling for the last 3 hours trying 500 different combinations (not 500, but too many to list) and could not get anything to run.

A: 

Have you read this msdn post?

You must either change

binding="mexHttpBinding"

to

binding="mexHttpsBinding"

or else add an http base address in addition to the https base address. (Right now the metadata endpoint is trying to get hosted on http, rather than https, and there's no base address for that.)

mundeep  2009-06-11 02:49:23
Yup, this is one of the forums I went over a few times. Changing the mexHttpBinding to mexHttpsBinding has no effect.
JoshKraker  2009-06-11 23:53:19
How about adding the http/https base addresses?
mundeep  2009-06-12 00:30:13
http://geekswithblogs.net/dlanorok/archive/2007/07/18/Dynamic-Configuration-for-WCF-Service-Base-Address.aspx <- dynamically adding base address in code
mundeep  2009-06-12 00:35:13
http://msdn.microsoft.com/en-us/magazine/cc163647.aspx <- configuring endpoints in config (goto the "Configuring Service Endpoints" section)
mundeep  2009-06-12 00:39:58
Sorry for the delay in testing the new suggestions. I should get to them this weekend.
JoshKraker  2009-06-17 01:24:30
A: 

must either change

binding="mexHttpBinding"

to

binding="mexHttpsBinding"

or else add an http base address in addition to the https base address. (Right now the metadata endpoint is trying to get hosted on http, rather than https, and there's no base address for that.)

coounity  2010-01-17 02:01:31
A: 

Hi, I configured Web.Config as i mentioned below. When i browse .SVC file, throwing error as Could not find a base address that matches scheme https for the endpoint with binding WebHttpBinding. Registered base address schemes are [http].

SrikanthReddy  2010-01-25 09:40:57
A: 

In a few days I'll post a project with full source code in www.ittraining.com.ar . It works with username/password authentication without SSL, without credentials, without https. It works in any hosting!

Francisco  2010-06-09 23:15:24
A: 

For anyone stumbling across this one from Google, Bing (Bingle, Yangle?) then take a look at a blog post a put together to help others trying to run a secure AuthenticationService in a test environment.

http://www.lukepuplett.com/2010/07/setting-up-wcf-over-ssl-on-iis-7x.html

And good luck!

Luke Puplett  2010-07-19 21:10:52

related questions

Dynamic programming with WCF
WCF Service Returning "Method Not Allowed"
Exceptions in Web Services
What SPN do I need to set for a net.tcp service?
How do I unit test a WCF service?
Best practices for versioning your services with WCF?
Lazy Loading with a WCF Service Domain Model?
How many ServiceContracts can a WCF Service have?
How can I authenticate using client credentials in WCF just once?
WCF - Domain Objects and IExtensibleDataObject
InvalidOperationException while creating wcf web service instance
Closing and Disposing a WCF Service
What WCF best practices do you follow in object model design?
WCF push to client through firewall?
Loading System.ServiceModel configuration section using ConfigurationManager
I would like some tips for debugging WCF Web Service exceptions
What's the best way to authenticate over WCF?
Good Reads for Distributed Systems
.Net - Returning DataTables in WCF
What is the easiest way to add compression to WCF in Silverlight?
WCF Backward Compatibility Issue
Best Practices for securing a REST API / web service
Web Services -- WCF vs. Standard
C# WCF Service - Backward compatibility issue
WCF - High availability