none
WSDL does not load when WCF Service hosted on DMZ using SSL RRS feed

  • Question

  • Hi,

    I have created a simple WCF service an hosted on DMZ server where SSL is enabled. Below are the list of software I am using.

    1. Windows Server 2012 R2 with IIS 8.5
    2. WCF service written using .Net Framework 4.5.2 framework
    3. SSL certificate from signed from trusted certificate authority
    4. External DNS URL mapped to the external IP

    I followed the below steps to configure SSL in IIS.

    1. At the Default Web Site, I enabled the https binding with the SSL certificate
    2. On the IIS server which is in DMZ, I have enabled "Requires SSL" under the SSL settings of the application where WCF is hosted.
    3. The App pool is using "Integrated" and running in "Network Service" account

    Below is the WCF configuration which I have used for testing.

    -----------------------------------------------------------------------------------------------------------------------------------------

    <?xml version="1.0" encoding="utf-8" ?>
    <configuration>

      <system.diagnostics>
        <sources>
          <source name="System.ServiceModel.MessageLogging" switchValue="Warning,ActivityTracing">
            <listeners>
              <add type="System.Diagnostics.DefaultTraceListener" name="Default">
                <filter type="" />
              </add>
              <add name="ServiceModelMessageLoggingListener">
                <filter type="" />
              </add>
            </listeners>
          </source>
          <source propagateActivity="true" name="System.ServiceModel" switchValue="Warning,ActivityTracing">
            <listeners>
              <add type="System.Diagnostics.DefaultTraceListener" name="Default">
                <filter type="" />
              </add>
              <add name="ServiceModelTraceListener">
                <filter type="" />
              </add>
            </listeners>
          </source>
        </sources>
        <sharedListeners>
          <add initializeData="E:\WebServices\Web_messages.svclog"
            type="System.Diagnostics.XmlWriterTraceListener, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
            name="ServiceModelMessageLoggingListener" traceOutputOptions="Timestamp">
            <filter type="" />
          </add>
          <add initializeData="E:\WebServices\Web_tracelog.svclog"
            type="System.Diagnostics.XmlWriterTraceListener, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
            name="ServiceModelTraceListener" traceOutputOptions="Timestamp">
            <filter type="" />
          </add>
        </sharedListeners>
      </system.diagnostics>
      <appSettings>
        <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
      </appSettings>
      <system.web>
        <compilation debug="true" />
    <customErrors mode="Off"></customErrors>
      </system.web>
      <!-- When deploying the service library project, the content of the config file must be added to the host's 
      app.config file. System.Configuration does not support config files for libraries. -->
      <system.serviceModel>
        <diagnostics>
          <messageLogging logMalformedMessages="true" logMessagesAtTransportLevel="true" />
        </diagnostics>
        <services>
          <service name="WcfService.Service1">
            <endpoint address="" binding="basicHttpBinding" bindingConfiguration=""
              name="basicHttpBinding_IService1" contract="WcfService.IService1" />
            <endpoint address="mex" binding="mexHttpBinding" name="mexHttpBinding_IMetadataExchange"
              contract="IMetadataExchange" />
            <host>
              <baseAddresses>
                <add baseAddress="https://services.test.com/" />
              </baseAddresses>
            </host>
          </service>
        </services>
        <behaviors>
          <serviceBehaviors>
            <behavior name="">
              <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"
                httpsGetUrl="https://services.test.com/WcfService/Service.svc" />
              <serviceDebug httpHelpPageEnabled="true" includeExceptionDetailInFaults="true" />
              <useRequestHeadersForMetadataAddress />
            </behavior>
          </serviceBehaviors>
        </behaviors>
      </system.serviceModel>

    </configuration>

    -----------------------------------------------------------------------------------------------------------------------------------------

    When I access the service (https://services.test.com/WcfService/Service.svc) externally from my personal computer I get to the page where it displays the standard generic page and when I click on (https://services.test.com/WcfService/Service.svc?wsdl) it fails to load and for some reason it gets redirected to http.

    Also if I enable "Requires SSL" in IIS the service fails to load. But if I disable this setting The .svc loads and wsdl does not load.

    Please provide me the WCF settings which I need to make for this to work.


    Sriram Mallajyosula


    • Edited by S Mallajyosula Monday, April 24, 2017 5:44 PM Get help on WCF settings
    Monday, April 24, 2017 3:21 PM

Answers

  • This issue has been resolved at the firewall level. The https request was being forwarded as http request. After that was changed the issue has been resolved. 

    Sriram Mallajyosula

    Friday, July 21, 2017 12:21 PM

All replies

  • To check whether it is related with URL mapping, I suggest you try to access the .svc file from Windows Server. Will you get any error?

    >> But if I disable this setting The .svc loads and wsdl does not load.

    Did you get any error when disabling Require SSL?

    I suggest you make a test with below configuration.

    <?xml version="1.0" encoding="utf-8" ?>
    <configuration>   
      <system.web>
        <compilation debug="true" />
      <system.serviceModel>   
        <services>
          <service name="WcfService.Service1">
            <endpoint address="" binding="basicHttpBinding" bindingConfiguration=""
              name="basicHttpBinding_IService1" contract="WcfService.IService1" />
            <endpoint address="mex" binding="mexHttpBinding" name="mexHttpBinding_IMetadataExchange"
              contract="IMetadataExchange" />
          </service>
        </services>
        <behaviors>
          <serviceBehaviors>
            <behavior name="">
              <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
              <serviceDebug httpHelpPageEnabled="true" includeExceptionDetailInFaults="true" />
            </behavior>
          </serviceBehaviors>
        </behaviors>
      </system.serviceModel>
    </configuration>


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Thursday, April 27, 2017 6:33 AM
  • This issue has been resolved at the firewall level. The https request was being forwarded as http request. After that was changed the issue has been resolved. 

    Sriram Mallajyosula

    Friday, July 21, 2017 12:21 PM