0

I have created a WCF with several calls and I want to protect it with Transport security so it'll go over SSL.

So I configured SSL in webmatrix since I'm using VS2012 + IIS Express like you can see below. HTTPs configured in Webmatrix on port 44330 HTTPs configured in Webmatrix on port 44330.

I updated my Web.config to support one endpoint with metadata on HTTPS and transportsecurity.

<system.serviceModel>

<services>
  <service name="Counter" behaviorConfiguration="Behavior">
    <endpoint address="https://localhost:44330/Counter.svc"
              binding="wsHttpBinding"
              bindingConfiguration="HTTPsBinding"
              contract="ICounter">
    </endpoint>
  </service>
</services>

<bindings>
  <wsHttpBinding>
    <binding name="HTTPsBinding">
      <security mode="Transport">
        <transport clientCredentialType="None" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>

<behaviors>
  <serviceBehaviors>
    <behavior name="Behavior">
      <serviceMetadata
            httpGetEnabled="false"
            httpsGetEnabled="true"
            httpsGetUrl="" />
    </behavior>
  </serviceBehaviors>
</behaviors>

Now when I run this in the browser it points me to the metadata at the HTTPS address like you can see below. HTTP works but HTTPs fails HTTP works but HTTPs fails.

And here is the problem, it doesn't use any certificate and I don't see anything. "This page can't be displayed" without any certificate being used. "This page can't be displayed" without any certificate being used.

How do I fix this or what am I doing wrong?

Tom Kerkhove
  • 2,151
  • 5
  • 26
  • 42
  • Have you considered adding the mexHttpsBinding endpoint – Rajesh May 23 '13 at 10:41
  • Have you considered mapping a certificate to the port 44330. You could do this in 2 ways. One via IIS and the other using netsh command line – Rajesh May 24 '13 at 16:08

2 Answers2

4

I found it that my issue wasn't located in my WCF configuration since it worked the day before. After a lot of coffee, surfing and command lining I noticed that the issue was IIS Express and it's SSL bindings with netsh http ssl.

I was using the default IIS Express certificate (CN=localhost) because I didn't include any serviceCertificate like Sam Vanhoutte suggests. Even when specify a certificate IIS Express only uses CN=localhost that needs to be in LocalMachine > Personal when starting IIS Express.

If that doesn't fix your problem, try to reinstall IIS Express. (It will reinstall the CN=localhost certificate on the correct place - Don't forget to reenable SSL in Webmatrix)

Tom Kerkhove
  • 2,151
  • 5
  • 26
  • 42
3

I believe you need to specify your server certificate in your web.config 

<behaviors>
  <behavior name="wsHttpCertificateBehavior">
    <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/>
    <serviceCredentials>
      <clientCertificate>
        <authentication 
          certificateValidationMode="PeerOrChainTrust" 
          revocationMode="NoCheck"/>
      </clientCertificate>
      <serverCertificate findValue="CN=SSLCert"/>
    </serviceCredentials>
  </behavior>
</behaviors>
Sam Vanhoutte
  • 3,247
  • 27
  • 48