none
Converting HTTP Receive Location to HTTPS RRS feed

  • Question

  • I have hosted my Orchestration as (HTTP) WCF service, The Receive location has a WS-http binding using CustomIsolated Adapter. Security mode was with Message enabled with Windows authentication, which was working fine.

    Now we wanted to convert this to a HTTPS receive location. Below are the steps i have done

    1. Changed the Web.config Service behavior to accomodate https binding

    <serviceBehaviors>
            <behavior name="ServiceBehaviorConfiguration">
              <serviceDebug httpHelpPageEnabled="false" httpsHelpPageEnabled="true" includeExceptionDetailInFaults="false" />
              <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
            </behavior>
          </serviceBehaviors>

    2. Enabled the Website with HTTPS protocol with Port 443

    3. Enabled the SSL Configuration and assigned SSL certificate to the same

    4. Changed the adapter settings from Message to TransportWithMessageCredentials in the CustomIsolated Adapter

    5.Windows Authentication is enabled in the IIS.

    6. Restarted the IIS App pool, restarted the port, restarted IIS server

    but the client is receiving an error as 

    The provided URI scheme 'https' is invalid; expected 'http'. Parameter name: via 

    Please suggest if am missing any configuration.....

    ca


    Regards, Vignesh S


    Tuesday, July 26, 2016 5:40 AM

Answers

  • Thank you every one for the suggestion.

    The Issue is resolved now. As my server is a clustered server, I have applied the SSL settings on only one server.

    As the load balancer we use points to both the cluster servers, we were not able to consume the correct .svc.

    After configuring the SSL on both servers and restart of Rcv location, IIS , Application App pools has made it work.

    Thanks again!


    Regards, Vignesh S

    Thursday, August 4, 2016 11:29 AM

All replies

  • Hi Vignesh

    Are you able to browse to the .svc file for the BizTalk service over https URI?

    Also, after the changes in BizTalk config, did you update the client WCF bindings? The bindings on both the server and client should be in sync. Maybe you can refresh the client proxy. The binding on client config should have the correct security mode set-

    <security mode="TransportWithMessageCredentials ">

    Refer thread below-

    http://stackoverflow.com/questions/2435823/the-provided-uri-scheme-https-is-invalid-expected-http-parameter-name-via


    Thanks Arindam



    Tuesday, July 26, 2016 5:47 AM
    Moderator
  • Hi,

    Within your local box are you able to browse the .svc with Https??

    Can you check if any Load Balancer mechanism for the service you have hosted on IIS, if so can you try setting the following parameters in custom bindings.

    <security allowInsecureTransport="true" enableUnsecuredResponse="true">

    Please refer the following article for more information,

    https://blogs.msdn.microsoft.com/dsnotes/2014/10/03/ssl-offloading-in-load-balancer-scenario/

    Hope this Helps!!!!

    Please Mark as Answered If you satisfy with Reply. 

    Tuesday, July 26, 2016 8:09 AM
  • Yes, we are able to browse the URI's outside the server.

    We tried the above options;

    When i consume the service binding holds a endpoint address as http only.

    Is there any thing i need to change?


    Regards, Vignesh S

    Tuesday, July 26, 2016 1:55 PM
  • When we consume the service, the binding should reflect https standard, but we are getting only the endpoint address with HTTP.

    Do we need to explicitly mention in the client config that it should use TransportWithMessageCredentials? I have an impression that it should be generated from Service binding. Please advice.


    Regards, Vignesh S

    Tuesday, July 26, 2016 1:57 PM
  • When you consume the service from client, it should reflect the correct https address, as well as the security setting(s). Something is amiss. 

    Did you try to do a IISReset/stop+start the WCF ReceiveLocation?

    Also as a test, can you change the endpoint address to https; and set <security mode="TransportWithMessageCredentials "> in the client config and check if it works?



    Thanks Arindam


    Tuesday, July 26, 2016 2:19 PM
    Moderator
  • Thank you every one for the suggestion.

    The Issue is resolved now. As my server is a clustered server, I have applied the SSL settings on only one server.

    As the load balancer we use points to both the cluster servers, we were not able to consume the correct .svc.

    After configuring the SSL on both servers and restart of Rcv location, IIS , Application App pools has made it work.

    Thanks again!


    Regards, Vignesh S

    Thursday, August 4, 2016 11:29 AM