none
The provided URI scheme 'https' is invalid; expected 'http'. Parameter name: via RRS feed

  • Question

  • Following is the scenario.

    We have F5 load balancer and incoming requests comes in to the F5 load balancer as HTTPs and then they are redirected to WCF services server as HTTP. 

    I have tried almost all possible configuration combinations but it keeps giving two different errors. For example, in light of few suggestions, I have tried changing security mode to 'Transport' then the error changes to as follows: "Could not establish secure channel for SSL/TLS with authority 'xxx.xxx.xxx.xxx:XXXX'."

    Server Configuration:

      <system.serviceModel>
        <services>
          <service behaviorConfiguration="NameofServiceBehaviour" name="NameOfServices">
            <endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsHttpEndPointBinding" name="wsHttpEndPoint" contract="Name.IContractName" />
          </service>
        </services>
        <bindings>
          <wsHttpBinding>
            <binding name="wsHttpEndPointBinding">
              <security mode="None"> 
    <!-- <transport clientCredentialType="Certificate" /> -->
     </security>
            </binding>
          </wsHttpBinding>
        </bindings>
        <behaviors>
          <serviceBehaviors>
            <behavior name="ServiceBehaviourName">
              <serviceMetadata httpGetEnabled="true" />
              <serviceDebug includeExceptionDetailInFaults="false" />
              <!-- <serviceCredentials>
                <serviceCertificate findValue="CN=CertificateName" storeLocation="LocalMachine" />
              </serviceCredentials> -->
            </behavior>
          </serviceBehaviors>
        </behaviors>
        <serviceHostingEnvironment multipleSiteBindingsEnabled="false" />
      </system.serviceModel>

    Client Configuration:

    <system.serviceModel>
            <bindings>
                <wsHttpBinding>
                    <binding name="wsHttpEndPoint">
                        <security mode="None" />
                    </binding>
                </wsHttpBinding>
            </bindings>
            <client>
                <endpoint address="https://URL.svc"
                    binding="wsHttpBinding" bindingConfiguration="wsHttpEndPoint"
                    contract="Name.IContractName" name="wsHttpEndPoint" />
            </client>
        </system.serviceModel>

    Regards,

    Nasir

    Tuesday, August 25, 2015 2:01 PM

Answers

  • After banging my head for few days, I found the answer. Following link was very helpful:

    http://blogs.msdn.com/b/dsnotes/archive/2014/10/03/ssl-offloading-in-load-balancer-scenario.aspx

    The key was to set following parameters in custom binding:

    <security allowInsecureTransport="true" enableUnsecuredResponse="true">

    -

    Nasir


    Monday, August 31, 2015 12:30 PM

All replies

  • Hi Muhammad Nasir Waqar,

    According to this case, form the error message, I thought that probably the client

    does not trust the server certificate.

    And in your web.config file you need set it in your configuration file, like below:

    <serviceMetadata httpsGetEnabled="true" />

    And you need add a endpoint with mexhttpbinding  to exchange metadata. code shown below:

    <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>

    For more information, please refer to the following articles:

    1.Seven simple steps to enable HTTPS on WCF WsHttp bindings

    2.Could not establish secure channel for SSL/TLS with authority 'xxx.xxx.xxx.xxx.:8443

    I hope that will be helpful to you.

    Best Regards,

    Grady

    Wednesday, August 26, 2015 6:30 AM
    Moderator
  • After banging my head for few days, I found the answer. Following link was very helpful:

    http://blogs.msdn.com/b/dsnotes/archive/2014/10/03/ssl-offloading-in-load-balancer-scenario.aspx

    The key was to set following parameters in custom binding:

    <security allowInsecureTransport="true" enableUnsecuredResponse="true">

    -

    Nasir


    Monday, August 31, 2015 12:30 PM