0

I am trying to authenticate my user logging from windows phone 7 using AuthenticationService WCF which is hosted in IIS 7.

I tried it without SSL and is working fine. But I want to convert it to https.

The error I am getting is when I hit the call to this WCF from my WP7 emulator is :

"EndpointNotFoundException"

However my web.config has the following details:

<system.serviceModel>
   <services>
     <service name="System.Web.ApplicationServices.AuthenticationService" 
    behaviorConfiguration="AuthenticationServiceTypeBehaviors">
       <endpoint contract="System.Web.ApplicationServices.AuthenticationService"  
         binding="basicHttpBinding"
         bindingConfiguration="userHttps" address="https://localhost:700/AuthenticationService.svc"
         bindingNamespace="http://asp.net/ApplicationServices/v200"/>
       <endpoint address="mex" 
      binding="mexHttpsBinding"
      contract="IMetadataExchange" /> 
     </service>

   </services>
   <bindings>
     <basicHttpBinding>
       <binding name="userHttps">
         <security mode="Transport">
           <transport clientCredentialType="None" />
         </security>
       </binding>
     </basicHttpBinding>
   </bindings>
   <behaviors>
     <serviceBehaviors>
       <behavior name="AuthenticationServiceTypeBehaviors" >
         <serviceMetadata httpsGetEnabled="true" />
         <serviceDebug includeExceptionDetailInFaults="true"  />
       </behavior>

     </serviceBehaviors>

   </behaviors>
   <serviceHostingEnvironment
     aspNetCompatibilityEnabled="true"/>
 </system.serviceModel>

USING: AspNetSqlMembershipProvider and I am avoiding those details to make the point.

In my IIS 7, I have created an App pool and associated a self signed certificate to the hosted WCF and in the SSL Settings options to "Require SSL - selected" and "Ignore client certificates- checked"

I am able to browse to https://localhost:700/AuthenticationService.svc.

I was able to add this as a Service Reference in my phone, but when I call the login method it is showing the error.

I have specified the end-point address and even then it is showing error.

Can anyone explain me how to debug this to get more details or any pointers to solve "Using Authentication Service WCF via SSL"

EDIT 1 I tried using IP addresses and the svc URL when I tried accessing the service through browser

svcutil.exe https://mcname.domain.local:700/AuthenticationService.svc?wsdl

EDIT 2 Tried disabling antivirus and firewalls and still no luck.

none
  • 11,793
  • 9
  • 51
  • 87
Rohith Nair
  • 1,080
  • 1
  • 17
  • 33
  • If you are hosting on IIS the endpoint address is managed by IIS hence remove the endpoint address value. Also i see that you are using Https on port 700 rather than the default 443. If that is what you want then have you mapped the SSL certificate to port 700 in IIS. Are the certificates self signed? If yes then you might get an exception that can be overridden by ServicePointManager.ServerCertificateValidationCallback Property (http://msdn.microsoft.com/en-us/library/system.net.servicepointmanager.servercertificatevalidationcallback.aspx) – Rajesh Oct 25 '12 at 15:11
  • yes its self signed and where to use this ServicePointManager.ServerCertificateValidationCallback?? In Wp7 it is all Async webservice calls and I dont know where to put this. I tried it with default 443 also – Rohith Nair Oct 25 '12 at 15:15
  • The ServicePointManager.ServerCertificateValidationCallback needs to be on the client side calling code. – Rajesh Oct 25 '12 at 15:21
  • @Rajesh I changed it to default port 443 and still it is showing same error – Rohith Nair Oct 25 '12 at 15:25
  • Are you able to browse on the remotehost machine locally using IE or some browser? – Rajesh Oct 25 '12 at 15:26
  • Yes I am able to and I can create service reference pointing to that adddress. I tried using svcutil and I got this error: HTTP GET Error URI: https://192.168.0.8/Authentication.svc?wsdl .Does it has somethign to do with HTTPGETENABLED key??? I want this service to be accessible only by HTTPS . – Rohith Nair Oct 25 '12 at 15:41
  • let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/18591/discussion-between-rajesh-and-rohith-nair) – Rajesh Oct 25 '12 at 15:41

1 Answers1

0

As per @Rajesh's comments, I installed the certificate in phone and it started working.

I tried all options of exporting .CER, .PFX and .P7B format and only P7B format worked for me to get it installed in phone.

The part of web.config file for enabling AuthenticationService WCF with SSL is 

        <services>
          <service behaviorConfiguration="AppServiceBehaviors" name="System.Web.ApplicationServices.AuthenticationService">
            <endpoint binding="basicHttpBinding" bindingConfiguration="defaultBasicHttpBinding"
              bindingNamespace="http://asp.net/ApplicationServices/v200" contract="System.Web.ApplicationServices.AuthenticationService" />
          </service>

        </services>
        <behaviors>
          <serviceBehaviors>
            <behavior name="AppServiceBehaviors">
              <serviceMetadata httpsGetEnabled="true" />
              <serviceDebug includeExceptionDetailInFaults="true" />
            </behavior>
            <behavior name="">
              <serviceMetadata httpsGetEnabled="true" />
              <serviceDebug includeExceptionDetailInFaults="true" />
            </behavior>
          </serviceBehaviors>
        </behaviors>
        <serviceHostingEnvironment aspNetCompatibilityEnabled="true"
          multipleSiteBindingsEnabled="true" />
      </system.serviceModel>

      <system.web.extensions>
        <scripting>
          <webServices>
            <authenticationService enabled="true" requireSSL="true"/>

Steps followed to make it work: http://blogs.msdn.com/b/davidhardin/archive/2010/12/30/wp7-and-self-signed-ssl-certificates.aspx

  • The host name must be resolvable by the http agent via DNS, WINS, hosts file, etc.
  • The SSL certificate must be known by a name that matches the host name.
  • The trusted root certificate must be installed with the http
    agent, i.e. on the phone.

Installing the certificate on to the WP7 emulator phone was the trickiest part. As mentioned earlier the P7B file was hosted on the IIS and URL was accessed via emulator browser which helped me to install the certificate on phone (Sorry! I forgot the reference link).

After the installation, the endpoint issue disappeared and it started to work. As this is not a permanent solution (because everytime emulator is closed the CERT needs to be reinstalled), I am working on http://wp7certinstaller.codeplex.com/ code to make it work when it is hosted in IIS for testing purposes.

Thanks @Rajesh for your help.

Rohith Nair
  • 1,080
  • 1
  • 17
  • 33