I need to host my WCF service in IIS 7.5 with message security and was unable to get it working. My configuration setting is the following:
<bindings>
<wsHttpBinding>
<binding name="wsHttpBindingCert">
<security mode="Message">
<transport clientCredentialType="Certificate" />
<message clientCredentialType="Certificate" />
</security>
</binding>
</wsHttpBinding>
<mexHttpBinding>
<binding name="mexHttpBinding" />
</mexHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="httpsBehavior" name="MyService">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsHttpBindingCert"
contract="IMyService" >
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="https://localhost:443/MyService/" />
</baseAddresses>
</host>
</service>
</services>
If I switch the security mode to "TransportWithMessageCredentials" it is working in IIS. What do I need to change for "Message" security in this configuration file? I am getting the error "Could not find a base address
that matches scheme http for the endpoint with binding WSHttpBinding. Registered base address schemes are [https]. Should my base address for the service change to http instead of https? I am really confused.
I am actually trying to make custom X509CertificateValidator working with my service so I can authenticate users based on the certificate they pass in. Does the TransportWithMessageCredentail mode support custom X509CertificateValidator?
Thanks for any help.