IIS 7.0 Web Service - Works on HTTP (80), Fails with error 404 on HTTPS (443)

Question

IIS 7.0 on Windows 2008

WCF Web Service, .NET 4 from VS 2010

Web service is installed via publishing and I have full admin rights on the server. There are several complicated methods, but there is a simple one that returns the build version. If we can get this one working, I can fix them all - here is my interface:

namespace MyNameSpace
{

    [ServiceContract]
    public interface WebInterface
    {

        [OperationContract]
        [WebGet]
        string GetVersion();

Attempt to connect via HTTP:// and everything works fine!

Attempt to conenct via HTTPS:// I get a 404 file not found.

I can reach the generic "You have created a web service..." page, including full web service path and the C# generic sample code when browsing to the exact same URL's both on HTTP and HTTPS.

In C#, I have read that the certificate can cause trouble, and I have already implemented the delegate overload to approve our server certificate.

I suspect missing one or more entries in the Web.config file, but I don't have a clue where to start. I have tried Google searching and Stack Overflow searching, but I haven't found the correct combination of search terms to help with this particular issue.

Web Config:

<system.serviceModel>
  <behaviors>
    <serviceBehaviors>
      <behavior name="HttpGetMetadata">
        <serviceDebug includeExceptionDetailInFaults="true"/>
        <serviceMetadata httpGetEnabled="true" />
      </behavior>
    </serviceBehaviors>
  </behaviors>
  <services>
    <service name="LinkService" behaviorConfiguration="HttpGetMetadata">
      <endpoint address="" contract="WebInterface" binding="basicHttpBinding" />
    </service>
  </services>
  <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>

Help Please.

Answer 1

You're using the defaults for basicHttpBinding , and the default security mode for that binding is None. You need to define the binding and set the security mode to Transport in your config. Add a Bindings section to your ServiceModel section, like this:

<serviceModel>
  <Bindings>
    <basicHttpBinding name="secureBinding">
      <security mode="Transport">
        <transport clientCredentialType="None" />
      </security>
    </basicHttpBinding>
  </Bindings>
</serviceModel>

Then you need to assign this binding to your endpoint via the bindingConfiguration attribute, like this:

<endpoint address="" 
          binding="basicHttpBinding" 
          bindingConfiguration="secureBinding"  
          contract="WebInterface" />

You'll probably want to enable httpsGetEnabled as well:

<serviceMetadata httpGetEnabled="true"
                 httpsGetEnabled="true" />

See BasicBinding with Transport Security (which is what the sample code is based on).

You can also google with terms like "BasicHttpBinding WCF SSL" and stuff like that - lots of examples and information on the web, it's just a matter of using the right words :)

Also, I'm not 100% confident that the transportClientCredential setting is correct for your scenario (it might need to be Certificate ), but I've done very little with SSL for WCF.

There may be other issues as well (like how IIS is set up on your machine), but the above is what's needed for the config.