Host WCF Windows Service on HTTPS

0
votes

I am trying to configure a WCF service hosted using windows service on https.

The service works with http but does not seem to work on https.

Configuration file (works for http):

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.serviceModel>
    <serviceHostingEnvironment  aspNetCompatibilityEnabled="false" />

    <!-- Set up Custom Behaviors -->
    <behaviors>
      <serviceBehaviors>
        <behavior name="CalculatorServiceBehavior">
          <serviceMetadata httpGetEnabled="true" httpsGetUrl="true" />
          <serviceDebug includeExceptionDetailInFaults="true"/>
        </behavior>
      </serviceBehaviors>
    </behaviors>

    <!-- Set up the binding configuration  -->
    <bindings>
      <wsHttpBinding>
       <binding name="HttpsSOAPBinding">
          <security mode="Transport">
            <transport clientCredentialType="None"/>
          </security>
        </binding>
        <binding name="HttpSOAPBinding">
          <security mode="None" />
        </binding>
      </wsHttpBinding>
    </bindings>

    <services>
      <service name="Microsoft.ServiceModel.Samples.CalculatorService"
               behaviorConfiguration="CalculatorServiceBehavior">
        <host>
          <baseAddresses>
            <add baseAddress="http://server_name:8080/ServiceModelSamples/service"/>
          </baseAddresses>
        </host>
        <endpoint address=""
                  binding="wsHttpBinding"
                  bindingConfiguration="HttpSOAPBinding"
                  contract="Microsoft.ServiceModel.Samples.ICalculator" />
        <endpoint address="mex"
                  binding="mexHttpBinding"
                  contract="IMetadataExchange" />
      </service>
    </services>
    
  </system.serviceModel>
</configuration>

I changed the following settings for https:

  • Change wsHttpBinding endpoint binding configuration to HttpsSOAPBinding
  • Change base address to https://server_name:8080/ServiceModelSamples/service"
  • Change mex endpoint binding to mexHttpsBinding

I have also attached port 8080 to ssl certificate.

netsh http show sslcert

 IP:port                      : 0.0.0.0:8080
 Certificate Hash             : 12ea34b0e1e46b12346ae04834cf1deaefb52f33
 Application ID               : {cba53ac4-6ecf-4a49-8aq3-z6c61e2ce9a1}
 Certificate Store Name       : (null)
 Verify Client Certificate Revocation : Enabled
 Verify Revocation Using Cached Client Certificate Only : Disabled
 Usage Check                  : Enabled
 Revocation Freshness Time    : 0
 URL Retrieval Timeout        : 0
 Ctl Identifier               : (null)
 Ctl Store Name               : (null)
 DS Mapper Usage              : Disabled
 Negotiate Client Certificate : Disabled

Is there anything missing?

1
c#wcfhttps
Are you getting a specific error message? I also notice that your base address in your config file is using http protocol and not https protocol.Brandon Johnson
I am getting "This site can’t be reached" when browsing to the URL. I have updated the base address and changed mex endpoint binding to mexHttpsBindingdeveloper
Are you sure that the firewall is open to be able to hit that server on https?Brandon Johnson
Good point - I am not sure. Should I use an existing https port which works on the server?developer
In addition to adding the certificate to the port, we also need to add the base address of https, for more information about it, you can refer to this link: stackoverflow.com/questions/55284206/…Ding Peng

1 Answers

1
votes

So you indicated that that you aren't sure the port is open. I would try using the telnet command to see if your port is accessible from the machine you are trying to access the service from. For this you will need to use the following command in a command prompt.

telnet 192.168.1.1 8080

Now you will want to replace 192.168.1.1 with your servers IP address.

Another thing you may want to try to find out if your issue is with a firewall or the service would be to log on to the server itself and attempt to hit your service locally on that server.

http://localhost:8080/ServiceModelSamples/service

Of course this is assuming that you have the ability to log onto the server.