I have WCF service, using both BasicHttpBinding and NetTcpBinding at different endpoints within one ServiceHost. NetTcp is using a self signed certificate, which is loaded from file, all were well untill I try to actually make use of the BasicHttpBinding, so I do:
On server:
var ServiceHost host = new ServiceHost(blah blah);
host.Credentials.ServiceCertificate.Certificate = GetCertificate(); //load a certificate from file
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
var httpBinding = new BasicHttpBinding();
httpBinding.Security.Mode = BasicHttpSecurityMode.Transport;
httpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
On Client:
ChannelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
var cer = GetCertificate();
ChannelFactory.Credentials.ClientCertificate.Certificate = cer;
var httpBinding = new BasicHttpBinding();
httpBinding.Security.Mode = BasicHttpSecurityMode.Transport;
httpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
//accept any cert
System.Net.ServicePointManager.ServerCertificateValidationCallback =
((sender, certificate, chain, sslPolicyErrors) => true);
However when connects, I got this error
Exception - An error occurred while making the HTTP request to https://localhost/MyService. This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server.
certificate is not installed, and it worked fine with net tcp binding, I guess I must missed something small?
One thing I notice is net.tcp is duplex channel while basic http is simplex, I am sure there is a difference to setup? For example, I needed to load certificate at both end for net.tcp, what happens to basic http then?
Thanks in advance
Certificate for HTTPS is not configured in WCF configuration. You must configure certificate for http.sys. To do that use netsh.exe from command line with elevated privileges. If you are hosting your service in IIS/WAS you don't have to use netsh and you can configure HTTPS directly in IIS.