WCF & https

More
5 months 5 days ago - 5 months 5 days ago #1 by ic2
WCF & https was created by ic2
We use WCF to exchange data which we started after the excellent presentations Nick Friend gave on earlier Devshares. Several sites have the necessary (C#) server DLL, .svc file and adapted web.config installed while the Vulcan (soon to be X#) client is doing the actual exchange.

One of our sites was recently changed to https and the WCF stopped working. Changing the (parametrized) call to https did not solve it. In the web.config of that site we made 2 changes:
1 Within the behavior tag, we changed httpGetEnabled="true" to <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/>
- which did not help and then added:
2 <serviceCredentials>
<clientCertificate>
<authentication
certificateValidationMode="PeerOrChainTrust"
revocationMode="NoCheck"/>
</clientCertificate>
which did not help either.

Currently we reroute the WCF calls to one of the other non https sites but eventually these will by https as well so it would be nice if we get it working again with https as well.

Does anyone (probably Nick?) know what else needs to changed?

Dick
Last edit: 5 months 5 days ago by ic2.

Please Log in or Create an account to join the conversation.

More
5 months 5 days ago #2 by NickFriend
Replied by NickFriend on topic WCF & https
Hi Dick,

Haven't tried it, but this link looks like it should show you what to do.

https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-configure-an-iis-hosted-wcf-service-with-ssl

Nick

Please Log in or Create an account to join the conversation.

More
5 months 5 days ago - 5 months 5 days ago #3 by SHirsch
Replied by SHirsch on topic WCF & https
Hi Nick,

I just have done self hosted WCF. In my config file I had to change the binding (like Nick's link also shows):
<bindings>
  <basicHttpBinding>
    <binding name="bindHttpsPush"
         closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00"
         sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false"
         hostNameComparisonMode="StrongWildcard" maxBufferSize="65536"
         maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
         messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
         useDefaultWebProxy="true">
        <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
              maxBytesPerRead="4096" maxNameTableCharCount="16384" />
        <security mode="Transport">
           <transport clientCredentialType="None" proxyCredentialType="None" realm="" />
        </security>
    </binding>
  </basicHttpBinding>
</bindings>

Maybe this helps.

Regards,
Stefan
Last edit: 5 months 5 days ago by SHirsch.

Please Log in or Create an account to join the conversation.

More
5 months 2 days ago #4 by ic2
Replied by ic2 on topic WCF & https
Hello Stefan, Nick,

Thanks for your reply. I had most of these tags in my web.config already; I changed a few more which caused my website to stop working, put some back - it remains a bit trial & error but I don't see really critical differences between your & my web.config but nevertheless it doesn't work.

I assume this needs the changes also in Nick's link, which means changes in the server to which I don't have access as it is a shared server from an external hoster. I will probably keep one at least website running on http and call the service there.

I read an interesting article called https://blog.tonysneed.com/2016/01/06/wcf-is-dead-long-live-mvc-6/WCF Is Dead and Web API Is Dying – Long Live MVC 6! (early 2016). Personally I think WCF is working very well, but if it does not, it is very difficult to find why not (as it took me a lot of time plus the help from Nick too get it working anyway).

Dick

Please Log in or Create an account to join the conversation.

More
5 months 2 days ago #5 by SHirsch
Replied by SHirsch on topic WCF & https
Hi Dick,

do use standard https port 443?
If not, a valid certificate has to be bound to the use port.

Regards,
Stefan

Please Log in or Create an account to join the conversation.

More
5 months 2 days ago #6 by ic2
Replied by ic2 on topic WCF & https
Hello Stefan,

I am not sure about this. But I've redirected my DLL to a website which is http and will remain that way. This will save me a lot of trial & error time and works fine. Also a secure connection just for running the service is not necessary so I leave it as it is.

Thanks anyway for your info.

Dick

Please Log in or Create an account to join the conversation.