wcfsslwindows-servicesclient-certificateswcfserviceclient

WCF service self hosting with https


Currenlty there is a Wcf service hosted as windows service in one of our client side machine, actually currently this is working with normal http call. As we need to use https instead of http, for that we modified app.config but after starting the service the https url not working.Then we tried URL reservation by using netsh http add urlacl url=https://+:18732/Peripheral/ user=Everyone.Then we restared the service again it's not able to access the https url.

we are getting the error in the URl browser •Make sure that TLS and SSL protocols are enabled.

Is this related to any certificate issue? if so how we can able to solve this issue?

The web.config is provied below:-

<system.serviceModel>
<standardEndpoints />
  <serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
  <bindings>
    <basicHttpBinding>
    <binding name ="soapBinding">
    <security mode="Transport">
    <transport clientCredentialType="None"/>
    </security>
    </binding>
    </basicHttpBinding>
    <webHttpBinding>
 <binding name="Bind1" crossDomainScriptAccessEnabled="true">
<security mode="Transport">
 <transport clientCredentialType="None"/>
</security>
</binding>
</webHttpBinding>  
    </bindings>
    <services>
      <service name="Peripheral.Server.Impl.PeripheralServiceImpl" behaviorConfiguration="SvcBhvr">
<host>
<baseAddresses>
  <add baseAddress="https://localhost:18732/Peripheral/" />
  </baseAddresses>
</host>
<endpoint address="https://localhost:18732/Peripheral/" binding="webHttpBinding" behaviorConfiguration="EndPBhvr" bindingConfiguration="Bind1" 
contract="Peripheral.Server.Contract.IPeripheralService">
 <!--<identity>
    <dns value="localhost" />
  </identity>-->
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="EndPBhvr">
<webHttp /> 
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="SvcBhvr">
<serviceMetadata httpsGetEnabled="true" httpGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>

Anyone knows how to fix this and what we needed to do so that we could able to access the url as https from windows services?


Solution

  • You may need also to bind ssl certificate to the specific port number using netsh or HttpConfig tool depending from OS version. Detailed instructions can be found here

    In your case it could be:

    netsh http add sslcert ipport=0.0.0.0:18732 certhash=<certhash> appid={<guid>} clientcertnegotiation=enable
    

    where

    certhash = your certificate Thumbprint(X509Certificate2.Thumbprint)

    appid = could be just Guid.NewId()