Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

WCF and No Listening EndPoint with Load Balancer and SSL

Posted on 2013-11-01
15
1,831 Views
Last Modified: 2016-02-26
Hi,

I am having an issue where I have a machine with a load balancer and SSL.

It seems that everything appears to be deployed to that server under IIS. I can even "Add Service Reference" from a client app.

However, when I execute it I get a problem when I attempt to process the operation contract. I get a:

"There was no endpoint listening at https://my.test.com/TestService/Service1.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details."

When I look at the InnerException I see:

"The remote server returned an error: (404) Not Found."

Attached is my server web.config.

What could be the cause and how could I resolve that?

Any information would be greatly appreciated as this has stumped me.

Thanks
Web.config
0
Comment
Question by:davism
  • 8
  • 5
  • 2
15 Comments
 
LVL 1

Author Comment

by:davism
ID: 39617962
Anybody have any possible resolutions. I am stumped on this one.
0
 
LVL 25

Expert Comment

by:apeter
ID: 39618707
Enable tracing to see exact error. http://msdn.microsoft.com/en-us/library/ms733025(v=vs.110).aspx


Also can we have your client config file please ? It should match your server config.
0
 
LVL 12

Expert Comment

by:deanvanrooyen
ID: 39619990
try it without https, make sure everything up to the server is working, you might need secure binding on the server side...

http://www.codeproject.com/Articles/36705/7-simple-steps-to-enable-HTTPS-on-WCF-WsHttp-bindi
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
LVL 1

Author Comment

by:davism
ID: 39620729
deanvanrooyen, the configuration of the IIS on the server supports multiple sites already. It has a server certificate.  So, I cannot really disable HTTPS because it's not a site cert.

I am already aware of the link you provided. But the security of transport and the clientCertificate of none identifies that an SSL connection is necessary.

If there is any other info you have that would be greatly appreciated.

apete, I have previously done the trace with the listener, it did not show anything different than the message I mentioned about no listening endpoint and the 404. I will do it again though and post the trace file, as soon as I get a chance.

I can say this though, I tried to simulate as much as possible on with another site and another computer pointing service on the computer I developed the service on. The bottom line, the main difference is not only the certicate (I used a self cert) but the client app I have trusted all certs for this anyway and the other difference was the load balancer - the results: it worked.  So, this to me is pointing at the load balancer. Would that be a fair assessment? Or could there be something I'm else I'm missing with the use of a load balancer?
0
 
LVL 25

Expert Comment

by:apeter
ID: 39621337
In the production are you pointing to your load balancer from client or pointing to your actual servers behind it ? I think you are doing the later.
0
 
LVL 1

Author Comment

by:davism
ID: 39621454
You are correct. It's the later. The web service is deployed on all the servers comprising the servers that the load balancer utilizes.
0
 
LVL 25

Expert Comment

by:apeter
ID: 39621464
Can you access this in IE browser ? https://my.test.com/TestService/Service1.svc.
0
 
LVL 1

Author Comment

by:davism
ID: 39622094
My bad, sorry for the delayed response. Yes, I am able to access it from the web browser. In fact, that is the only way I am even able to do the "Add Service Reference" in VS as well. It is a simple test whereas the OperationContract would only return back the string "Hello World".

The client app will connect to it but as soon as I execute the method that is when I get the endpoint issue.

I am working to get that listener information ASAP to you.
0
 
LVL 1

Author Comment

by:davism
ID: 39622182
apeter,

Here is the Traces.svclog that I produced from the client. Maybe I am missing something but I do not see anything significant; it even lists the endpoint not listening. But in fact, I had use same URL to even to the "Add service reference".

Rename the .txt to .svclog.

Does this tell you much?
Traces.txt
0
 
LVL 25

Accepted Solution

by:
apeter earned 500 total points
ID: 39623743
I think your problem maybe due to https. Please verify whether you have configured as given here, http://www.codeproject.com/Articles/24027/SSL-with-Self-hosted-WCF-Service
0
 
LVL 1

Author Comment

by:davism
ID: 39624461
That is essentially what is there. Obviously specific to the service though for the contract and all.

However, the one thing that is not there is the <Host> with the baseAddresses:
<host>
          <baseAddresses>
            <add baseAddress="https://chrise:10081/TestWCFService" />
          </baseAddresses
</host>


What is the significance of that and would/could it resolve the load balancer issue? I am thinking not because I haven't seen any reference specific to that. BUT I could be wrong.
0
 
LVL 25

Expert Comment

by:apeter
ID: 39624764
This should not cause any problem.

when you use base address, you don't need to provide absolute URI for your endpoints. When you host the WCF service on IIS, the base address can only be the URL to the .svc file. If you specify any other base address, it's ignored. You can still specify the relative URI for your endpoints, such as address="basic" or address = "ws". Then the address on the endpoint becomes <URL to the .svc file>/basic and <URL to the .svc file>/ws in this case.

Is it possible to test the service with http instead of https.
0
 
LVL 1

Author Closing Comment

by:davism
ID: 39625602
apeter, we finally got it but this posting that you did make us think more on it. We have a server side cert on the server...not on the site. What we going on was that there was the connection with the server to get to the web service but then we also had cert attempts going on when it was already on our server.

We finally got it by using the SSL to get to the server but once at the server in internally we had to have the straight HTTP.

We did have to do a slight variation on the client side as that endpoint reference still needed the SSL on the URL.

It all appears good, for now, that we can tell.

Thanks for the insight about the SSL! Apprecaite it!
0
 
LVL 12

Expert Comment

by:deanvanrooyen
ID: 39631972
a lot of big organisations that run their own infrastructure will ssl to an intermediately before hitting the web server, this allows you to run specialized hardware to manage the ssl, but technically in this case your transport level is not 100% true, even if the non secure is internal.
0
 
LVL 1

Author Comment

by:davism
ID: 39635174
That is correct. In may and likely will have an impact on two-way authentication as well. Thx for the info!
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question