1
votes

We have a WCF RIA domain service with

[EnableClientAccess(RequiresSecureEndpoint = true)]

We have the website set to use http and https. We have a client access policy file in the root of the website like this:

<access-policy>
<cross-domain-access>
<policy>
  <allow-from http-request-headers="*">
    <domain uri="http://*"/>
    <domain uri="https://*"/>
  </allow-from>
  <grant-to>
    <resource include-subpaths="true" path="/"/>
  </grant-to>
</policy>
</cross-domain-access>
</access-policy>

When we access the Silverlight application over https everything is fine. When we access it over http we get the following error:

Invoke operation 'Working' failed. An error occurred while trying to make a request to URI 'https://localhost/ClientBin/SilverlightApplication3-Web-DomainService1.svc/binary/Working'. This could be due to attempting to access a service in a cross-domain way without a proper cross-domain policy in place, or a policy that is unsuitable for SOAP services. You may need to contact the owner of the service to publish a cross-domain policy file and to ensure it allows SOAP-related HTTP headers to be sent. This error may also be caused by using internal types in the web service proxy without using the InternalsVisibleToAttribute attribute. Please see the inner exception for more details.

Which implies that our policy file is incorrect, but can't see what. Any ideas?

1

1 Answers

1
votes

The reason that it wasn't working was that we were using a self-signed certificate, generated withe the machine name and then using localhost on the url. The url has to match to ensure that the ssl gets no certificate errors.

A good way to check this was to run the entire site over https and ensure that the browsers do not give a certificate error.