none
WCF Message Security Hosting in IIS Configuration Problem RRS feed

  • Question

  • I need to host my WCF service in IIS 7.5 with message security and was unable to get it working.  My configuration setting is the following:

    <bindings>
       <wsHttpBinding>
           <binding name="wsHttpBindingCert">
              <security mode="Message">
                <transport clientCredentialType="Certificate" />
                <message clientCredentialType="Certificate" />
              </security>
            </binding>
          </wsHttpBinding>
          <mexHttpBinding>
            <binding name="mexHttpBinding" />
          </mexHttpBinding>
    </bindings> 
    <services>
       <service behaviorConfiguration="httpsBehavior" name="MyService">
          <endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsHttpBindingCert"
              contract="IMyService" >
          </endpoint>
          <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
          <host>
            <baseAddresses>
              <add baseAddress="https://localhost:443/MyService/" />
            </baseAddresses>
          </host>
          </service>
    </services>

    If I switch the security mode to "TransportWithMessageCredentials" it is working in IIS.  What do I need to change for "Message" security in this configuration file?  I am getting the error "Could not find a base address that matches scheme http for the endpoint with binding WSHttpBinding.  Registered base address schemes are [https].  Should my base address for the service change to http instead of https?  I am really confused.

    I am actually trying to make custom X509CertificateValidator working with my service so I can authenticate users based on the certificate they pass in.   Does the TransportWithMessageCredentail mode support custom X509CertificateValidator?

    Thanks for any help.

    Thursday, January 17, 2013 5:30 PM

Answers

All replies