<system.serviceModel>
<services>
<service behaviorConfiguration="returnFaults" name="TestService.Service">
<endpoint binding="wsHttpBinding" bindingConfiguration=
"TransportSecurity" contract="TestService.IService"/>
<endpoint address="mex" binding="mexHttpsBinding"
name="MetadataBinding" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="returnFaults">
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceMetadata httpsGetEnabled="true"/>
<serviceTimeouts/>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="TransportSecurity">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<diagnostics>
<messageLogging logEntireMessage="true"
maxMessagesToLog="300" logMessagesAtServiceLevel="true"
logMalformedMessages="true" logMessagesAtTransportLevel="true"/>
</diagnostics>
</system.serviceModel>
//Contract Description
[ServiceContract]
interface IService
{
[OperationContract]
string TestCall();
}
//Implementation
public class Service:IService
{
public string TestCall()
{
return "You just called a WCF webservice On SSL
(Transport Layer Security)";
}
}
//Tracing and message logging
In the above ServiceModel configuration, there are two end points:
1. One with contract TestService.IService: In this, binding is configured to have transport layer security , see inside the tag. So SSL has to be configured on IIS.
2. One with contract IMetadataExchange: this is also configured to
an HTTPS call. If you see the binding it is mexHttpsBinding, and in the
service behaviors section, httpsGetEnabled is used, here I tried to
even secure the metadata publishing through WSDL.
To configure this Web.config file you can use SvcConfigEditor.exe which is located in
C:\program files\microsoft sdks\windows\v6.0\bin\svcconfigeditor.exe
If you try to run the code from Visual Studio then you get an exception as shown below:
"Could not find a base address that matches scheme HTTPS for the
endpoint with binding WSHttpBinding. Registered base address schemes
are [HTTP]."
So first configure the website on SSL. To get an idea on how to
configure SSL, you can go through this. Make sure that when you
configure the SSL, the certificate CN value should be exactly the same
as the URL of the website. For example, if your webservice address is
http:\\www.example.com, then issue a certificate on the name : CN =
http:\\www.example.com.
Don't forget to host an entry in the hosts file
c:\windows\system32\drivers\etc\hosts. If you want to put this on
localhost then just enter the following in the host file 127.0.0.1
www.example.com.
Configure www.example.com as the header value in the website
properties on port 80. Once you are done with SSL, you will access the
webservice through the web browser as
https://www.example.com/service.svc. On this page you will have the
HTTPS URL for WSDL .
I have even enabled tracing and message logging on the webservice.
To view the service log just use svctraceviewer.exe by loading
service.log file in this. See the tag above
Note that I have not put any certificates to run this sample. So if
you want to run this sample, then generate a certificate, install it on
IIS as per the instructions above and run it though the browser.