17

I've created and tested WCF service, everything works fine.

When I deployed to TEST environment and tried to open https://my.site/myapp/EnrollmentService.svc I've got the error message:

Could not find a base address that matches scheme http for the endpoint with binding MetadataExchangeHttpBinding. Registered base address schemes are [https].

Internet showed me that I need to add some more configuration options:

http://www.codeproject.com/KB/WCF/7stepsWCF.aspx

I've added some settings to service web.config file. Now it looks like in the following way:

<system.serviceModel> <services> <service name="McActivationApp.EnrollmentService" behaviorConfiguration="McActivationApp.EnrollmentServicBehavior"> <endpoint address="https://my.site/myapp/EnrollmentService.svc" binding="basicHttpBinding" bindingConfiguration="TransportSecurity" contract="McActivationApp.IEnrollmentService"/> <endpoint address="mex" binding="mexHttpBinding" contract="McActivationApp.IEnrollmentService" /> </service> </services> <behaviors> <serviceBehaviors> <behavior name="McActivationApp.EnrollmentServicBehavior"> <serviceMetadata httpGetEnabled="True"/> <serviceDebug includeExceptionDetailInFaults="False" /> </behavior> </serviceBehaviors> </behaviors> <bindings> <basicHttpBinding> <binding name="TransportSecurity"> <security mode="Transport"> <transport clientCredentialType="None" /> </security> </binding> </basicHttpBinding> </bindings> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" /> </system.serviceModel>

Actually, I've added "bindings" section and specified it for my endpoint.

But this changed nothing...

Please advise, what I need to do. Thanks a lot!

P.S. Are there any differences in WCF service consuming from https and http resources?

Improve this question

3 Answers 3

Reset to default
25

When you want to expose your service only over HTTPS (site does not support HTTP at all) you can't use anything that is dependent on HTTP. Your current configuration exposes help page on HTTP and also mex endpoing (with wrong contract) on HTTP. So try this:

<system.serviceModel> <services> <service name="McActivationApp.EnrollmentService" behaviorConfiguration="McActivationApp.EnrollmentServicBehavior"> <endpoint address="" binding="basicHttpBinding" bindingConfiguration="TransportSecurity" contract="McActivationApp.IEnrollmentService"/> <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" /> </service> </services> <behaviors> <serviceBehaviors> <behavior name="McActivationApp.EnrollmentServicBehavior"> <serviceMetadata httpsGetEnabled="True"/> <serviceDebug includeExceptionDetailInFaults="False" /> </behavior> </serviceBehaviors> </behaviors> <bindings> <basicHttpBinding> <binding name="TransportSecurity"> <security mode="Transport"> <transport clientCredentialType="None" /> </security> </binding> </basicHttpBinding> </bindings> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" /> </system.serviceModel>
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Am I correctly understood that here you: 1) changed mex binding from mexHttpBinding to mexHttpsBinding and 2) replaced httpGetEnabled with httpsGetEnabled. Right? Yes, it also works. Thanks
Yes that is what I did + changed contract for mex and removed first endpoint's address because it is not used when service is hosted in IIS.
Thanks -Ladislav Mrnka. I spent 6 hours to find your solution.Thanks a lot.
@LadislavMrnka if I understand correctly, the binding here being basicHttpBinding plays no role in securing the service via https. What matters is the security mode being "Transport", right?
6

You have got http metadata endpoint that should be changed to https as below.

<serviceMetadata httpsGetEnabled="True"/>

Also if not necessary you should remove the mex and https metadata endpoint from production as a best practice.

Improve this answer

3 Comments

Am I correctly understand that I need to add that into '<behaviors> <serviceBehaviors><behavior ..>"? So can I delete binding for http for that case? If add this attribute and delete binding 'serviceMetadata' already I receive the same error message... Please advise
The thing I was also need to change is to remove <serviceMetadata httpGetEnabled="True"/> (take attention: attribute name doesn't contain the 's') and to delete 'mex' endpoint...
This is what I meant, change from httpGetEnabled to httpsGetEnabled.
1

To fix the problem by allowing HTTP, you need to add a http binding in IIS:

  1. Navigate to your site in IIS
  2. Click 'Bindings...' in the Actions panel on the right.
  3. Click 'Add'
  4. Select 'http' and OK out.

Alternatively, you can prevent the problem by either deleting the line, or changing:

<serviceMetadata httpGetEnabled="True"/>

to:

<serviceMetadata httpsGetEnabled="True"/>
Improve this answer

1 Comment

... but... after that change, the web site began to work under usual 'http' that is not allowed...

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.