none
SSL binding for WCF REST service RRS feed

  • Question

  • I have WCF Rest service and i want to configure it using SSL. The certificate is already installed and IIS 7 is setup to use SSL with "Require SSL" set to true. 

    Whenever i try to access to service via browser i get the following error

    An endpoint reference cycle was detected in your configuration. The following reference cycle must be removed: webHttpEndpoint/, webHttpEndpoint/.

    if i refresh browser then i see different error

    System.InvalidOperationException: Could not find a base address that matches scheme http for the endpoint with binding WebHttpBinding. Registered base address schemes are [https].

    below is my configuration file

    <system.serviceModel>
    	<bindings>
    		<basicHttpBinding>
    			<binding name="BasicHttpEndPoint" closeTimeout="00:01:00" openTimeout="00:01:00"
    				receiveTimeout="00:10:00" sendTimeout="00:10:00" allowCookies="false"
    				bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
    				maxBufferSize="2147483647" maxBufferPoolSize="524288" maxReceivedMessageSize="2147483647"
    				messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
    				useDefaultWebProxy="true">
    				<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="2147483647"
    					maxBytesPerRead="4096" maxNameTableCharCount="16384" />
    				<security mode="None">
    					<transport clientCredentialType="None" proxyCredentialType="None"
    					  realm="" />
    					<message clientCredentialType="UserName" algorithmSuite="Default" />
    				</security>
    			</binding>
    		</basicHttpBinding>
    	</bindings>
    	<client>
    		<endpoint address="XXXXXX"
    			binding="basicHttpBinding" bindingConfiguration="BasicHttpEndPoint"
    			contract="PackageService.IPackageService"
    			name="PackageEndPoint" />
    	</client>
    	<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
    	<standardEndpoints>
    		<webHttpEndpoint>			
    			<standardEndpoint name="" helpEnabled="true" automaticFormatSelectionEnabled="true">
    				<security mode="Transport"/>
    			</standardEndpoint>
    		</webHttpEndpoint>
    	</standardEndpoints>
    </system.serviceModel>

    Monday, May 13, 2013 5:53 PM

Answers

  • Hello..

    Well... Looking at your config details..

    I assume.... You have a service which exposes two endpoints. One deals with basicHttpBinding and the other webHttpBinding (REST).

    My questions..

    1. Where is the endpoint with webHttpBinding?

    2. To expose REST service on Https... you got to maintain service behavior.

    So.. at a high level.. your config file should look like below:

    <system.serviceModel>
        <bindings>
          <webHttpBinding>
            <binding>
              <security mode="Transport"/>
            </binding>
          </webHttpBinding>
        </bindings>
        <services>
          <service name="TestService" behaviorConfiguration="ServiceBehavior">
            <endpoint  address="" contract="TestService.ITestService" binding="webHttpBinding"/>
          </service>
        </services>
        <behaviors>
          <serviceBehaviors>
            <behavior name="ServiceBehavior">
              <serviceMetadata httpsGetEnabled="true"/>
            </behavior>
          </serviceBehaviors>
        </behaviors>
      </system.serviceModel>

    Service behavior is important as it enables Https.

    Thanls.


    Happy Coding, Kishore.

    • Marked as answer by lax4u Monday, May 13, 2013 7:40 PM
    Monday, May 13, 2013 6:27 PM
  • Thanks Koyala

    After reading that article carefully i found that, in addition to binding also have to keep <standardEndpoints> element but without security element as below

    <standardEndpoints>
    <webHttpEndpoint>
    <standardEndpoint name="" helpEnabled="true" automaticFormatSelectionEnabled="true">
    </standardEndpoint>
    </webHttpEndpoint>
    </standardEndpoints>


    Also you dont need add serviceBehaviors and enable <serviceMetadata httpsGetEnabled="true"/> unless you really want to expose metadata, ( in production you may not want to expose) it
    • Marked as answer by lax4u Monday, May 13, 2013 7:40 PM
    • Edited by lax4u Monday, May 13, 2013 7:47 PM
    Monday, May 13, 2013 7:39 PM

All replies

  • Hello..

    Well... Looking at your config details..

    I assume.... You have a service which exposes two endpoints. One deals with basicHttpBinding and the other webHttpBinding (REST).

    My questions..

    1. Where is the endpoint with webHttpBinding?

    2. To expose REST service on Https... you got to maintain service behavior.

    So.. at a high level.. your config file should look like below:

    <system.serviceModel>
        <bindings>
          <webHttpBinding>
            <binding>
              <security mode="Transport"/>
            </binding>
          </webHttpBinding>
        </bindings>
        <services>
          <service name="TestService" behaviorConfiguration="ServiceBehavior">
            <endpoint  address="" contract="TestService.ITestService" binding="webHttpBinding"/>
          </service>
        </services>
        <behaviors>
          <serviceBehaviors>
            <behavior name="ServiceBehavior">
              <serviceMetadata httpsGetEnabled="true"/>
            </behavior>
          </serviceBehaviors>
        </behaviors>
      </system.serviceModel>

    Service behavior is important as it enables Https.

    Thanls.


    Happy Coding, Kishore.

    • Marked as answer by lax4u Monday, May 13, 2013 7:40 PM
    Monday, May 13, 2013 6:27 PM
  • This REST service invokes another WCF service internally. basicHttpBinding is used by the <client>. 

    I thought <serviceMetadata httpsGetEnabled="true"/> is set only if you want to expose metadata. I n my case i dont want to expose metadata over internet.


    • Edited by lax4u Monday, May 13, 2013 6:54 PM
    Monday, May 13, 2013 6:53 PM
  • i set the configuration as you mentioned but when i browse the service i get error "Endpoint not found"

    here is my configuration 

    <system.serviceModel>
    	<bindings>
    		<basicHttpBinding>
    			<binding name="BasicHttpEndPoint" closeTimeout="00:01:00" openTimeout="00:01:00"
    				receiveTimeout="00:10:00" sendTimeout="00:10:00" allowCookies="false"
    				bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
    				maxBufferSize="2147483647" maxBufferPoolSize="524288" maxReceivedMessageSize="2147483647"
    				messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
    				useDefaultWebProxy="true">
    				<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="2147483647"
    					maxBytesPerRead="4096" maxNameTableCharCount="16384" />
    				<security mode="None">
    					<transport clientCredentialType="None" proxyCredentialType="None"
    					  realm="" />
    					<message clientCredentialType="UserName" algorithmSuite="Default" />
    				</security>
    			</binding>
    		</basicHttpBinding>
    		<webHttpBinding>
    			<binding>
    				<security mode="Transport"/>
    			</binding>
    		</webHttpBinding>
    	</bindings>
    	<services>
    		<service name="GatewayService" behaviorConfiguration="GatewayServiceBehavior">
    			<endpoint address="" contract="DocumentServiceGateway.IGatewayService" binding="webHttpBinding"/>
    		</service>
    	</services>
    	<behaviors>
    		<serviceBehaviors>
    			<behavior name="GatewayServiceBehavior">
    				<serviceMetadata httpsGetEnabled="true"/>
    			</behavior>
    		</serviceBehaviors>
    	</behaviors>
    	<client>
    		<endpoint address="XXXXXX"
    			binding="basicHttpBinding" bindingConfiguration="BasicHttpEndPoint"
    			contract="PackageService.IPackageService"
    			name="PackageEndPoint" />
    	</client>
    	<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
    	<!--<standardEndpoints>
    			<webHttpEndpoint>
    				<standardEndpoint name="" helpEnabled="true" automaticFormatSelectionEnabled="true">
    					<security mode="Transport"/>
    				</standardEndpoint>
    			</webHttpEndpoint>
    		</standardEndpoints>-->
    </system.serviceModel>


    and here is the code that runs in global.asax

     public class Global : HttpApplication
        {
    
            public void Application_Start(object sender, EventArgs e)
            {
                RegisterRoutes();
            }
    
            private void RegisterRoutes()
            {
                RouteTable.Routes.Add(new ServiceRoute(string.Empty, new LocatorServiceHostFactory(), typeof(GatewayServiceHost)));
            }
    
    
            public class LocatorServiceHostFactory : WebServiceHostFactory
            {
                protected override ServiceHost CreateServiceHost(Type serviceType, Uri[] baseAddresses)
                {
                    return new LocatorWebServiceHost(serviceType, baseAddresses);
                }
            }
    }

    • Edited by lax4u Monday, May 13, 2013 7:07 PM
    Monday, May 13, 2013 7:04 PM
  • OK..

    Like I said.. set Security mode inside binding information.. instead of in StandardEndpoint.

    <webHttpBinding>
            <binding>
              <security mode="Transport"/>
            </binding>
          </webHttpBinding>

    Below link addresses your issue. Please check out.

    http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/1dd991a1-e32f-4035-a406-994729858b40

    Hope it helps.

    Thanks.


    Happy Coding, Kishore.

    Monday, May 13, 2013 7:19 PM
  • as you can see the security mode is indeed set to "Transport" inside binding, The standardEndpoint section is commented out
    Monday, May 13, 2013 7:24 PM
  • Agree..

    Sorry... I did not check your latest reply while sending my reply.

    anyway.. Do try the steps which are discussed in the provided link.

    Thanks.


    Happy Coding, Kishore.

    Monday, May 13, 2013 7:27 PM
  • Thanks Koyala

    After reading that article carefully i found that, in addition to binding also have to keep <standardEndpoints> element but without security element as below

    <standardEndpoints>
    <webHttpEndpoint>
    <standardEndpoint name="" helpEnabled="true" automaticFormatSelectionEnabled="true">
    </standardEndpoint>
    </webHttpEndpoint>
    </standardEndpoints>


    Also you dont need add serviceBehaviors and enable <serviceMetadata httpsGetEnabled="true"/> unless you really want to expose metadata, ( in production you may not want to expose) it
    • Marked as answer by lax4u Monday, May 13, 2013 7:40 PM
    • Edited by lax4u Monday, May 13, 2013 7:47 PM
    Monday, May 13, 2013 7:39 PM
  • Yeah.. Glad that you have solved it.!!

    Thanks.


    Happy Coding, Kishore.

    Monday, May 13, 2013 7:48 PM