Call WCF using transport layer security and SSL configured



<service behaviorConfiguration="returnFaults" name="TestService.Service">

<endpoint binding="wsHttpBinding" bindingConfiguration=

TransportSecurity" contract="TestService.IService"/>

<endpoint address="mex" binding="mexHttpsBinding"

name="MetadataBinding" contract="IMetadataExchange"/>





<behavior name="returnFaults">

<serviceDebug includeExceptionDetailInFaults="true"/>

<serviceMetadata httpsGetEnabled="true"/>







<binding name="TransportSecurity">

<security mode="Transport">

<transport clientCredentialType="None"/>






<messageLogging logEntireMessage="true"

maxMessagesToLog="300" logMessagesAtServiceLevel="true"

logMalformedMessages="true" logMessagesAtTransportLevel="true"/>



//Contract Description
interface IService
string TestCall();

public class Service:IService
public string TestCall()
return "You just called a WCF webservice On SSL
(Transport Layer Security)";

//Tracing and message logging

In the above ServiceModel configuration, there are two end points:

1. One with contract TestService.IService: In this, binding is configured to have transport layer security , see inside the tag. So SSL has to be configured on IIS.

2. One with contract IMetadataExchange: this is also configured to an HTTPS call. If you see the binding it is mexHttpsBinding, and in the service behaviors section, httpsGetEnabled is used, here I tried to even secure the metadata publishing through WSDL.

To configure this Web.config file you can use SvcConfigEditor.exe which is located in
C:\program files\microsoft sdks\windows\v6.0\bin\svcconfigeditor.exe

If you try to run the code from Visual Studio then you get an exception as shown below:
"Could not find a base address that matches scheme HTTPS for the endpoint with binding WSHttpBinding. Registered base address schemes are [HTTP]."

So first configure the website on SSL. To get an idea on how to configure SSL, you can go through this. Make sure that when you configure the SSL, the certificate CN value should be exactly the same as the URL of the website. For example, if your webservice address is http:\\, then issue a certificate on the name : CN = http:\\

Don't forget to host an entry in the hosts file c:\windows\system32\drivers\etc\hosts. If you want to put this on localhost then just enter the following in the host file

Configure as the header value in the website properties on port 80. Once you are done with SSL, you will access the webservice through the web browser as On this page you will have the HTTPS URL for WSDL .

I have even enabled tracing and message logging on the webservice. To view the service log just use svctraceviewer.exe by loading service.log file in this. See the tag above

Note that I have not put any certificates to run this sample. So if you want to run this sample, then generate a certificate, install it on IIS as per the instructions above and run it though the browser.
Ebook Download
View all
View all