Reputation: 3
Problem calling WCF service internet
I am developing a WCF service that will be called by customer in internet. The service is hosted in IIS7 and accept only http. For clients call us from https we do is have a reverse proxy that forwards the request to the application https to http. The customer give a https url to connect and does so smoothly, adding the reference to the service properly. The problem comes when trying to create a client and add in your endpoint https and execute it, as it reads:
System.ArgumentException: The provided URI scheme 'https' is invalid,
expected 'http'. Parameter name: via.
I leave part of the service's web.config:
<bindings>
<wsHttpBinding>
<binding name="ConfigEP">
<security mode="Message">
<message clientCredentialType="Certificate" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true">
<baseAddressPrefixFilters>
<add prefix="http://serverInterno/App/"/>
</baseAddressPrefixFilters>
</serviceHostingEnvironment>
<services>
<service behaviorConfiguration="App.AppM_NameBehavior" name="App.AppM_Name">
<endpoint address="" behaviorConfiguration="App.AppM_NameEPBehavior" binding="wsHttpBinding" bindingConfiguration="ConfigEP" name="App.AppM_NameEP" bindingNamespace="http://siteName/AppM_Name" contract="App.IAppM_Name" />
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="App.AppM_NameEPBehavior">
<wsdlExtensions location="https://urlsegura/App/Appm_Name.svc" singleFile="true" />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="App.AppM_NameBehavior">
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
<serviceCredentials>
<clientCertificate>
<authentication customCertificateValidatorType="App.Validador, App" certificateValidationMode="Custom" />
</clientCertificate>
<serviceCertificate findValue="XX XX XX XX XX XX XX XX XX XX" x509FindType="FindBySerialNumber" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<extensions>
<behaviorExtensions>
<add name="wsdlExtensions" type="WCFExtras.Wsdl.WsdlExtensionsConfig, WCFExtras, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
</behaviorExtensions>
</extensions>
and here the client's app.config:
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="NewBehavior">
<clientCredentials>
<clientCertificate findValue="XX XX XX XX XX XX XX XX XX XX" x509FindType="FindBySerialNumber" />
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="App.AppM_NameEP" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />
<security mode="Message">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="Certificate" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://urlsegura/App/Appm_Name.svc" binding="wsHttpBinding" bindingConfiguration="App.AppM_NameEP" contract="App.IAppM_Name" name="App.AppM_NameEP">
<identity>
<certificate encodedValue="XXXX" />
</identity>
</endpoint>
</client>
</system.serviceModel>
Thanks in advance. Best regards.
Upvotes: 0
Views: 1742
Answers (2)
Reputation: 12680
I don't understand the reverse proxy you describe but it seems you're trying to support access from both HTTP & HTTPS. To do this, you will need to add a second endpoint. You'd configure the service something like this:
<wsHttpBinding>
<binding name="ConfigEP">
<security mode="Message">
<message clientCredentialType="Certificate" />
</security>
</binding>
<binding name="ConfigEPHttps">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="Certificate" />
</security>
</binding>
</wsHttpBinding>
and this add the new endpoint:
<service behaviorConfiguration="App.AppM_NameBehavior" name="App.AppM_Name">
<endpoint address="" behaviorConfiguration="App.AppM_NameEPBehavior"
binding="wsHttpBinding"
bindingConfiguration="ConfigEP"
name="App.AppM_NameEP"
bindingNamespace="http://siteName/AppM_Name"
contract="App.IAppM_Name" />
<endpoint address="secure" behaviorConfiguration="App.AppM_NameEPBehavior"
binding="wsHttpBinding"
bindingConfiguration="ConfigEPHttps"
name="App.AppM_NameEPHttps"
bindingNamespace="http://siteName/AppM_Name"
contract="App.IAppM_Name" />
</service>
You also need make this change to get the WSDL over HTTPS:
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
Upvotes: 0
Reputation: 782
I think your error is being caused because you're using message based security on your configuration. Try changing it to Transport instead (in both the client and service configuration files), so that it uses SSL for security rather than encrypting the message.
You can use TransportWithMessageCredential if you absolutely must have the message encrypted also. Hope that helps.
Upvotes: 2
Related Questions
- WCF service working on local not server IIS for functions
- Cannot access WCF service remotely
- Unable to call my wcf endpoint
- Unable to access a locally hosted wcf service over the internet
- Can not call WCF Service hosted in a Managed Windows Service
- Not able to call WCF service from local machine
- silverlight WCF not working on internet
- error in calling hosted wcf service method (The service is offline or inaccessible)
- WCF service problem
- Unable to call a WCF service directly (.NET 3.0)