I have WCF Rest Service that is being consumed by android, iOS and asp.net web application. all endpoint methods return json format so I use webHttpBinding. Problems started when I secured the service by activating Windows authentication(disabled Anonymous before that). When I try to add Service reference from the asp.net web application I receive the following error:
The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM'.
The remote server returned an error: (401) Unauthorized.
When I call endpoints in browser windows dialog is being showed with username and pass and everything works fine, but When I try to add the reference I receive the error. I'm also using SSL and the service has only https address.
web.config wcf rest service:
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" executionTimeout="90" maxRequestLength="20000" useFullyQualifiedRedirectUrl="false" requestLengthDiskThreshold="8192" />
<authentication mode="Windows" />
</system.web>
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
<bindings>
<webHttpBinding>
<binding name="WebHttpEndpointBinding" maxReceivedMessageSize="200000000" maxBufferPoolSize="200000000">
<readerQuotas maxDepth="32" maxArrayLength="2000000000" maxStringContentLength="2000000000" />
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
</binding>
</webHttpBinding>
</bindings>
<services>
<service name="restSrvService.restSrvRestService" behaviorConfiguration="serviceBehavior">
<endpoint address="" name="webHttpEndpoint" binding="webHttpBinding" bindingConfiguration="WebHttpEndpointBinding" behaviorConfiguration="web" contract="restSrvService.IrestSrvRestService">
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceAuthenticationManager authenticationSchemes="IntegratedWindowsAuthentication" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="web">
<endpointDiscovery enabled="true">
</endpointDiscovery>
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
web.config web application:
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"></modules>
</system.webServer>
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="WebHttpEndpointBinding" bypassProxyOnLocal="true" useDefaultWebProxy="true" maxReceivedMessageSize="200000000" maxBufferPoolSize="200000000">
<readerQuotas maxDepth="32" maxArrayLength="2000000000" maxStringContentLength="2000000000" />
<security mode="Transport">
<transport clientCredentialType="Windows"></transport>
</security>
</binding>
</webHttpBinding>
</bindings>
<client>
<endpoint address="https://serviceAddress/restSrvRestService.svc/"
binding="webHttpBinding" bindingConfiguration="WebHttpEndpointBinding"
contract="restSrvService.IrestSrvRestService" behaviorConfiguration="webEndpoint" name="WebHttpEndpoint">
<identity>
</identity>
</endpoint>
</client>
<behaviors>
<endpointBehaviors>
<behavior name="webEndpoint">
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
Related
I'm trying to configure WCF authentication with UserName but without success, I have tried a a lot of solution that I found already, but nothing seem to work for me.
The HTTP request is unauthorized with client authentication scheme
'Anonymous'. The authentication header received from the server was
'Negotiate,NTLM,Basic realm="localhost"'.
Server setting
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="basicHttpBindingConfiguration">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" negotiateServiceCredential="false" />
<transport clientCredentialType="None" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="Namespace.Service" behaviorConfiguration="wsHttpBehavior">
<endpoint binding="wsHttpBinding" bindingConfiguration="basicHttpBindingConfiguration" name="Soap" bindingNamespace="/WebServices" contract="Namespace.IService">
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" name="mex" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="wsHttpBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="UserNamePasswordValidator, WebApplication" />
<!--<serviceCertificate findValue="ServiceModelSamples-HTTPS-Server" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />-->
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
On the client side
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="Soap">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://localhost:85/WebServices/Service.svc"
binding="wsHttpBinding" bindingConfiguration="Soap" contract="ServiceReference1.IService"
name="Soap" />
</client>
</system.serviceModel>
Here is my IIS config
Most of solution that I found use Windows Transport, I need Authentication only through Username.
I check this :
https://blog.sandervanlooveren.be/posts/securing-a-wcf-service-with-username-and-password/
https://learn.microsoft.com/en-us/dotnet/framework/wcf/samples/ws-transport-with-message-credential
I have tried security mode="Message" and security mode="TransportWithMessageCredential" without success
My client code look like :
// Instantiate the proxy
var proxy = new ServiceClient();
proxy.ClientCredentials.UserName.UserName = "username";
proxy.ClientCredentials.UserName.Password = "password";
Please can anyone check my config and tell what I'm setting wrong ?
Edit:
This is a Service inside an ASP.Net MVC5 App, Can this also be a problem ?
There might be something amiss with the customUserNamePasswordValidatorType property string.It is usually in the following form
customUserNamePasswordValidatorType="Namespace.MyCustUserNamePasswordVal,Namespace"
Can you access the WSDL of hosting service? Also, turning on the anonymous authentication is enough, unnecessary to enable others authentication.
Here is my configuration, I used simplified configuration which be supported in WCF4.5, wish it is useful to you.
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
<serviceCredentials>
<userNameAuthentication customUserNamePasswordValidatorType="WcfService1.CustUserNamePasswordVal,WcfService1" userNamePasswordValidationMode="Custom"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding>
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<protocolMapping>
<add binding="wsHttpBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
Feel free to let me know If there is anything I can help with.
I've created my custom Certificate Authority (CA) using openssl. Then I've created certificated using the previous one and the request from IIS. So now I have chain of certificates. Then I've bound the second one to my WCF service and every thing is fine. Then on client I've installed my CA certificate in Trusted Root Certification Authority to make it able to recognize my custom certificate.
My WCF service currently run on simple http connection.
Server side:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="SyncWcfServices.MainServiceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="ExtendedMaxSize" maxReceivedMessageSize="2147483647">
<security mode="None">
<transport clientCredentialType="None"></transport>
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="SyncWcfServices.MainService" behaviorConfiguration="SyncWcfServices.MainServiceBehavior">
<endpoint address="/syncService.svc" binding="wsHttpBinding" bindingConfiguration="ExtendedMaxSize" contract="SyncWcfServices.IMainService"></endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"></endpoint>
</service>
</services>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
Client side:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IMainService" maxReceivedMessageSize="2147483647" sendTimeout="00:10:00">
<security mode="None" />
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost/SyncService/SyncService.svc"
binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IMainService"
contract="SyncServiceReference.IMainService" name="WSHttpBinding_IMainService" />
</client>
</system.serviceModel>
So, I need to change this settings to support SSL connection. I've read a lot of post how to do it but there always using 2-way certification check that mean server must check client certificate and client must check server certificate. But I only want client to check server certificate using CA that I installed. And server will check with ordinary credentials (username, password) as it was before. I think that I have to change the security mode to Transport in both sides and server mex endpoint to mexHttpsBinding but what should I do next? Please help to resolve it.
Thanks you all!
Finally I found the correct way! So server side:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="SyncWcfServices.MainServiceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<serviceCertificate
findValue = "*.mydomain.com"
storeLocation = "LocalMachine"
storeName = "My"
x509FindType = "FindBySubjectName"
/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="ExtendedMaxSize" maxReceivedMessageSize="2147483647">
<security mode="Transport">
<transport clientCredentialType="None"></transport>
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="SyncWcfServices.MainService" behaviorConfiguration="SyncWcfServices.MainServiceBehavior">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="ExtendedMaxSize" contract="SyncWcfServices.IMainService"></endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"></endpoint>
<host>
<baseAddresses>
<add baseAddress="http://localhost:8095/Design_Time_Addresses/SyncWcfServices/MainService/" />
</baseAddresses>
</host>
</service>
</services>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
Client Side:
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name = "ServiceCertificate">
<clientCredentials>
<serviceCertificate>
<authentication certificateValidationMode = "ChainTrust"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="ExtendedMaxSize" maxReceivedMessageSize="2147483647">
<security mode="Transport">
<transport clientCredentialType="None"></transport>
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://localhost/SyncService/SyncService.svc"
binding="wsHttpBinding" bindingConfiguration="ExtendedMaxSize"
behaviorConfiguration = "ServiceCertificate"
contract="SyncServiceReference.IMainService" name="WSHttpBinding_IMainService">
</endpoint>
</client>
</system.serviceModel>
Hope it will help someone!
Also please look at "Programming WCF Services" (4th edition) book by Juval Lowy & Michael Montgomery. It's a great book!
I am building wcf aplication that will work only with users that have User+Password to the windows where this wcf is located.That mean is my wcf located on server X and i call function GetData(5) i will see the logon form (the same users that in windows) and entered User+Password and then get data back, my main goal is to pass User+Password to avoid this logon window,but now i can't forse my wcf to ask for windows authentication,it is returning data to everyone.
What i am doing wrong?
I am using Vs2012(4.5)
P.s if any one have example of wcf that use windows authentication i
will be very happy to see it.
My webConfig
<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<authentication mode="Windows" />
<identity impersonate="false" />
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5"/>
</system.web>
<system.serviceModel>
<services>
<service name="WcfService10.Service1">
<endpoint address="WCF10" binding="basicHttpBinding" bindingConfiguration="NewBinding10"
contract="WcfService10.IService1" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="NewBinding10">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Windows" customUserNamePasswordValidatorType="Type, Assembly" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<directoryBrowse enabled="true"/>
</system.webServer>
</configuration>
To pass alternative windows credentials to a service, use the following code:
var proxy = new MyServiceClient();
proxy.ClientCredentials.Windows.ClientCredential.Domain = "MyDomain";
proxy.ClientCredentials.Windows.ClientCredential.UserName = "MyUsername";
proxy.ClientCredentials.Windows.ClientCredential.Password = "MyPassword";
proxy.DoSomething();
proxy.Close();
Here one config with webHttpBinding and Windows Transport security. You have to change the service name, baseAddress, contract="Server.IServicemame"
<system.serviceModel>
<!--Services-->
<services>
<service name="Server.servicemame">
<host>
<baseAddresses>
<add baseAddress="http://localhost:9011/servicemame/service"/>
</baseAddresses>
</host>
<endpoint address="" binding="webHttpBinding" contract="Server.IServicemame" bindingConfiguration="HttpBindingWithSecurity">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<!--Behaviors-->
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceAuthorization impersonateCallerForAllOperations="false" />
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
<serviceCredentials>
<windowsAuthentication allowAnonymousLogons="false"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<!--Bindings-->
<bindings>
<webHttpBinding>
<binding name="HttpBindingWithSecurity">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows"/>
</security>
</binding>
</webHttpBinding>
</bindings>
</system.serviceModel>
I am trying to validate that the certificate sent with https requests to my web service matches specific a specific certificate in my server's Trusted People store.
The client is signing their soap messages using a private key and I am attempting to use the public key they provided to validate.
If I change:
<clientCertificate>
<authentication certificateValidationMode="None" />
</clientCertificate>
to anything other than certificateValidationMode="None" i.e PeerTrust, I get an error when trying to call methods in the service from the client's environment:
"At least one security token in the message could not be validated."
However, when I call the service and sign the message with my private key it works. So it seems like no validation is happening only checking for a valid cert signature.
Is there a way to validate that the signed message is indeed signed with a certificate that matches a certificate in my trusted stores using web.config or can this only be done in code?
Below is my web.config (names have been changed to protect the innocent):
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="CertificateBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" httpHelpPageEnabled="true" />
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
<serviceThrottling maxConcurrentCalls="160" maxConcurrentInstances="160" maxConcurrentSessions="100" />
<serviceCredentials>
<serviceCertificate findValue="*.publiccert.com" storeLocation="LocalMachine" storeName="TrustedPeople" x509FindType="FindBySubjectName" />
<clientCertificate>
<authentication trustedStoreLocation="LocalMachine" certificateValidationMode="PeerTrust" />
</clientCertificate>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="CertHttpsBinding" messageEncoding="Mtom" maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" transferMode="Buffered" receiveTimeout="10:01:00" sendTimeout="10:01:00" textEncoding="utf-8">
<readerQuotas maxDepth="1024" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="16384"/>
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Certificate" proxyCredentialType="None" realm="" />
<message clientCredentialType="Certificate" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="Test.Services.Service" behaviorConfiguration="CertificateBehavior">
<host>
<baseAddresses>
<add baseAddress="http://test.com/Service.svc"/>
</baseAddresses>
</host>
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="CertHttpsBinding"
contract="Test.Services.TestService"
bindingNamespace="" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" >
<serviceActivations>
<add relativeAddress="~/Service.svc" service="Test.Services.Service" />
</serviceActivations>
</serviceHostingEnvironment>
</system.serviceModel>
my test client config:
<behaviors>
<endpointBehaviors>
<behavior name="testCertBehavior">
<clientCredentials>
<clientCertificate findValue="*.myPrivateCert" storeLocation="LocalMachine" storeName="TrustedPeople" x509FindType="FindBySubjectName"/>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<binding name="BasicHttpBinding_Test" sendTimeout="00:03:00"
maxBufferSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Mtom">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="Certificate"/>
</security>
</binding>
<endpoint address="https://test.com/Service.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_Test"
contract="Test.Services.TestService" name="EndPoint_BasicHttpBinding_Test"
behaviorConfiguration="testCertBehavior" />
I have a self hosted WCF service which works fine when called with wsHttpBinding or basicHttpBinding over HTTP. The clients will include Windows Phone -devices over the Internet and because they can't utilize wsHttpBinding and we definitely need more security than basicHttpBinding offers I've tried to use TransportWithMessageCredential. When using HTTP everything works great but if I switch the client to HTTPS I get these in VS: "There was no endpoint listening at https://..." and "The remote server returned an error: NotFound."
I enabled service trace and it says that it opened the HTTPS-port without any problems and when I check netstat -an it confirms that the port really is open. HTTP and wsHttpBinding calls to the service work great and they generate events to the log but these HTTPS -calls don't show up there at all. I also can't get the metadata via HTTPS although it is enabled.
The client and server are on the same machine and certificate is self-signed but it works with wsHttpBinding.
Here is the service config:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<services>
<service behaviorConfiguration="xyzSecuredBehavior" name="x.x.xService">
<endpoint address="/basic" binding="basicHttpBinding" bindingConfiguration="xyzBasicBinding"
contract="x.x.IxService" />
<endpoint address="/secure" binding="basicHttpBinding" bindingConfiguration="xyzBasicBindingSecure"
contract="x.x.IxService" />
<host>
<baseAddresses>
<add baseAddress="https://10.10.0.188:3003/xService" />
<add baseAddress="http://10.10.0.188:3001/xService" />
</baseAddresses>
</host>
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="customAuthenticationBinding" maxReceivedMessageSize="1000000" closeTimeout="23:59:59" openTimeout="23:59:59" receiveTimeout="23:59:59" sendTimeout="23:59:59">
<readerQuotas maxDepth="1000000" maxStringContentLength="1000000" maxArrayLength="1000000" maxBytesPerRead="1000000" maxNameTableCharCount="1000000" />
<security mode="Message">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
<basicHttpBinding>
<binding name="xyzBasicBinding" maxBufferSize="1000000" maxBufferPoolSize="1000000" maxReceivedMessageSize="1000000">
<readerQuotas maxDepth="1000000" maxStringContentLength="1000000" maxArrayLength="1000000" maxBytesPerRead="1000000" maxNameTableCharCount="1000000" />
<security mode="None">
<message clientCredentialType="UserName" />
</security>
</binding>
<binding name="xyzBasicBindingSecure" maxBufferSize="1000000" maxBufferPoolSize="1000000" maxReceivedMessageSize="1000000">
<readerQuotas maxDepth="1000000" maxStringContentLength="1000000" maxArrayLength="1000000" maxBytesPerRead="1000000" maxNameTableCharCount="1000000" />
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="xyzSecuredBehavior">
<serviceCredentials>
<serviceCertificate findValue="xyzTestCert" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My"/>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="z.z.AuthenticationManager, z.zz" />
<windowsAuthentication allowAnonymousLogons="false"/>
</serviceCredentials>
<serviceAuthorization serviceAuthorizationManagerType="z.z.AuthorizationManager, z.zz" />
<serviceMetadata httpsGetEnabled="true" httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="1000000000" />
</behavior>
<behavior name="xyzBasicBehavior" >
<serviceAuthorization serviceAuthorizationManagerType="z.z.AuthorizationManager, z.zz" />
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="1000000000" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
</configuration>
And this is the client config:
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IxService" maxBufferSize="2147483647"
maxReceivedMessageSize="2147483647">
<security mode="None" />
</binding>
<binding name="BasicHttpBinding_IxService1" maxBufferSize="2147483647"
maxReceivedMessageSize="2147483647">
<security mode="TransportWithMessageCredential" />
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://10.10.0.188:3001/xService/basic"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IxService"
contract="ServiceReference1.IxService" name="BasicHttpBinding_IxService" />
<endpoint address="https://10.10.0.188:3003/xService/secure"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IxService1"
contract="ServiceReference1.IxService" name="BasicHttpBinding_IxService1_secure" />
</client>
</system.serviceModel>
Any help is appreciated as I have already wasted a good day or two on this and googling and fiddling with the settings has led to nothing.
this is already answerd so , i am not answering it here, instead giving you the link
http://www.codeproject.com/Articles/36705/7-simple-steps-to-enable-HTTPS-on-WCF-WsHttp-bindi
I found the solution to this problem. Because the service is self hosted I needed to manually apply the certificate to the application. It wasn't enough that it was specified in the server config.
Detailed instructions can be found here:
http://allen-conway-dotnet.blogspot.fi/2012/02/applying-and-using-ssl-certificate-with.html