WCF service under https environment

Question

I've created and tested WCF service, everything works fine.

When I deployed to TEST environment and tried to open https://my.site/myapp/EnrollmentService.svc I've got the error message:

Could not find a base address that matches scheme http for the endpoint with binding MetadataExchangeHttpBinding. Registered base address schemes are [https].

Internet showed me that I need to add some more configuration options:

http://www.codeproject.com/KB/WCF/7stepsWCF.aspx

I've added some settings to service web.config file. Now it looks like in the following way:

<system.serviceModel>
<services>
  <service name="McActivationApp.EnrollmentService" behaviorConfiguration="McActivationApp.EnrollmentServicBehavior">
    <endpoint 
      address="https://my.site/myapp/EnrollmentService.svc"
      binding="basicHttpBinding"
      bindingConfiguration="TransportSecurity"
      contract="McActivationApp.IEnrollmentService"/>
    <endpoint address="mex" binding="mexHttpBinding" contract="McActivationApp.IEnrollmentService" />
  </service>
</services>
<behaviors>
  <serviceBehaviors>
    <behavior name="McActivationApp.EnrollmentServicBehavior">
      <serviceMetadata httpGetEnabled="True"/>
      <serviceDebug includeExceptionDetailInFaults="False" />
    </behavior>
  </serviceBehaviors>
</behaviors>
<bindings>
  <basicHttpBinding>
    <binding name="TransportSecurity">
      <security mode="Transport">
        <transport clientCredentialType="None" />
      </security>
    </binding>
  </basicHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
</system.serviceModel>

Actually, I've added "bindings" section and specified it for my endpoint.

But this changed nothing...

Please advise, what I need to do. Thanks a lot!

P.S. Are there any differences in WCF service consuming from https and http resources?

Answer 1

When you want to expose your service only over HTTPS (site does not support HTTP at all) you can't use anything that is dependent on HTTP. Your current configuration exposes help page on HTTP and also mex endpoing (with wrong contract) on HTTP. So try this:

<system.serviceModel> 
  <services>   
    <service name="McActivationApp.EnrollmentService" behaviorConfiguration="McActivationApp.EnrollmentServicBehavior">     
      <endpoint address="" binding="basicHttpBinding" bindingConfiguration="TransportSecurity" contract="McActivationApp.IEnrollmentService"/>     
      <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />   
    </service> 
  </services> 
  <behaviors>   
    <serviceBehaviors>     
      <behavior name="McActivationApp.EnrollmentServicBehavior">         
        <serviceMetadata httpsGetEnabled="True"/>       
        <serviceDebug includeExceptionDetailInFaults="False" />     
      </behavior>   
    </serviceBehaviors> 
  </behaviors> 
  <bindings>   
    <basicHttpBinding>     
      <binding name="TransportSecurity">       
        <security mode="Transport">         
          <transport clientCredentialType="None" />       
        </security>     
      </binding>   
    </basicHttpBinding> 
  </bindings> 
  <serviceHostingEnvironment aspNetCompatibilityEnabled="true" />      
</system.serviceModel>

Answer 2

To fix the problem by allowing HTTP, you need to add a http binding in IIS:

1. Navigate to your site in IIS
2. Click 'Bindings...' in the Actions panel on the right.
3. Click 'Add'
4. Select 'http' and OK out.

Alternatively, you can prevent the problem by either deleting the line, or changing:

<serviceMetadata httpGetEnabled="True"/>

to:

<serviceMetadata httpsGetEnabled="True"/>

Answer 3

You have got http metadata endpoint that should be changed to https as below.

<serviceMetadata httpsGetEnabled="True"/>  

Also if not necessary you should remove the mex and https metadata endpoint from production as a best practice.