Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Help moving a WCF web service on IIS6 from http to https

Posted on 2011-03-18
4
Medium Priority
?
733 Views
Last Modified: 2012-05-11
In the past, I've create asmx web services. Now I've created my first web service in WCF, really by following a cookbook example. It deploys and runs fine on IIS6 under http. I'm running into problems moving it to https, though.

Asmx web services neither knew nor cared whether they were connected to via http or https - they weren't concerned with transport at all. All I had to do was install a cert in IIS, configure the SSL port, and I was in business.

WCF has lots of STUFF, like bindings, contracts, transport configurations, etc. No doubt after studying books and internet articles for a few weeks I could probably figure it out - the problem is I need to get running NOW!

There are actually two problems. One is the general problem that it won't work under SSL without correct configuration. The other is that the URL and Cert name is different from the server machine name, and if I browse to the service to try to obtain the WSDL, it returns a link to the machine name, not the proper URL.

Could someone help me to try to get this running under http? Greatly appreciate it.

Here's my current Web.config file:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.web>
    <compilation debug="true" targetFramework="4.0">
    </compilation>
  </system.web>
      <system.serviceModel>
            <behaviors>
                  <serviceBehaviors>
                        <behavior>
                              <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
                              <serviceMetadata httpGetEnabled="true" />
                              <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
                              <serviceDebug includeExceptionDetailInFaults="false" />
                        </behavior>
                  </serviceBehaviors>
            </behaviors>
            <serviceHostingEnvironment
      aspNetCompatibilityEnabled="true"
      multipleSiteBindingsEnabled="true"
      />
      </system.serviceModel>
      <system.webServer>
            <modules runAllManagedModulesForAllRequests="true" />
      </system.webServer>
</configuration>


0
Comment
Question by:psyche6
  • 3
4 Comments
 
LVL 15

Expert Comment

by:pcsmitpra
ID: 35178969
The other is that the URL and Cert name is different from the server machine name,
>>>> You need to get a Correct CERT with Correct domain name on it, Otherwise you will remain getting errors.

Is WCF working good without SSL ? Have you registered .svc extension manually . (How To)
You can get it working with SSL but first need to make its working fine without SSL, You can see here to see how to get it over the SSL

Cheers
0
 
LVL 1

Author Comment

by:psyche6
ID: 35193091
Re: pcsmitpra.

Please READ questions before answering! Is WCS working good without SSL? Go back and read: "It deploys and runs fine on IIS6 under http".

Your other link refers to working with SSL accelerators (if you don't know what they are, follow your own link!), and has nothing to do with my question.

Can I award NEGATIVE points?
0
 
LVL 1

Accepted Solution

by:
psyche6 earned 0 total points
ID: 35203589
I had to have it working now, so I paid for a Microsoft Support call. I sent him my Web.config file; he tweaked it and send it back:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.web>
    <compilation debug="true" targetFramework="4.0">
    </compilation>
    <identity impersonate="true"/>
  </system.web>
  <system.serviceModel>
    <!-- Region added for Https Support -->
    <bindings>
      <basicHttpBinding>
        <binding name="basicBindingConf">
          <security mode ="Transport">
            <transport clientCredentialType="None"></transport>
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <services>
      <service behaviorConfiguration="behavior" name="Psychemedics.SampleCollection">
        <endpoint address="" binding="basicHttpBinding" bindingConfiguration="basicBindingConf"
          name="basicEndPoint" contract="Psychemedics.ISampleCollection" />
        <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
      </service>
    </services>
    <!-- Region added for Https Support -->
    <behaviors>
      <serviceBehaviors>
        <behavior name="behavior">
          <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
          <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/>
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true"/>
  </system.serviceModel>
</configuration>

It works - note that it's set up for https only, not both http and https. It also fixed the URL problem - when I browse to the service, it returns a correct URL link to the wsdl - not a link using the machine name rather than the correct certificate URL as it was doing before.

I actually almost understand all this ...

0
 
LVL 1

Author Closing Comment

by:psyche6
ID: 35230149
Didn't get an answer here - am posting paid Microsoft solution.
0

Featured Post

Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
The Internet has made sending and receiving information online a breeze. But there is also the threat of unauthorized viewing, data tampering, and phoney messages. Surprisingly, a lot of business owners do not fully understand how to use security t…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question