Https web service in .NET problem

i'm new in .NET and in SSL and i'm facing the problem with establishing the secure communication between the SOAP service and the client. It was working fine with HTTP but now we have to apply the SSL. We get the certificate from a CA. next steps weres done are following:

1) enabling port used by the service using the httpcfg set ssl -i 0.0.0.0:777 -h <thumbprintkey>

2) httpcfg set urlacl -u https://<domanname>:777/TlsService/ServiceSecure -a D:(A;;GA;;;AN)

3)httpcfg set iplisten-i 0.0.0.0:777

The WebService code is following:

WSHttpBinding binding = new WSHttpBinding();
binding.Security.Mode = SecurityMode.Transport;
binding.Security.Message.ClientCredentialType = MessageCredentialType.None;

ServiceHost host = new ServiceHost(typeof(DeviceObservationConsumer_hostPCDData), new Uri("https://<domainname>:777/TlsService/ServiceSecure"));
host.Credentials.ServiceCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, (string)"bd 35 ec c0 e6 b3 9a ac 74 09 09 c5 84 b8 fd 58 51 44 87 7d");

host.AddServiceEndpoint(typeof(IDeviceObservationConsumer_Binding_Soap12), binding, "");

ServiceMetadataBehavior smb = host.Description.Behaviors.Find<ServiceMetadataBehavior>();
// If not, add one
if (smb == null)
    smb = new ServiceMetadataBehavior();
smb.HttpsGetEnabled = true;

host.Description.Behaviors.Add(smb);

// Add MEX endpoint
host.AddServiceEndpoint(ServiceMetadataBehavior.MexContractName, MetadataExchangeBindings.CreateMexHttpsBinding(), "mex");

host.Open();

The client code is following:

WSHttpBinding binding = new WSHttpBinding();
binding.Security.Mode = SecurityMode.Transport;
binding.Security.Message.ClientCredentialType = MessageCredentialType.None;

EndpointAddress addr = new EndpointAddress("https://<domainname>:777/TlsService/ServiceSecure");

ChannelFactory<DeviceObservationConsumer_PortType> myChannelFactory = new ChannelFactory<DeviceObservationConsumer_PortType>(binding, addr);
//myChannelFactory.Credentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, (string)"bd 35 ec c0 e6 b3 9a ac 74 09 09 c5 84 b8 fd 58 51 44 87 7d");

DeviceObservationConsumer_PortType client = myChannelFactory.CreateChannel();

CommunicatePCDDataRequest req = new CommunicatePCDDataRequest("ciao mamma guarda come mi diverto!");
CommunicatePCDDataResponse resp = client.CommunicatePCDData(req);

myChannelFactory.Close();

Both service and client are on the same PC.

I can't access the https://<domanname>:777/TlsService/ServiceSecure via browser (get the page not found error) and for sure the client can't access it neither. where could be the problem could someone help me!!!!??

Thanks in advance,

Liudmila

My understanding is that WSHttpBinding uses HTTP as the transport protocol. For using HTTPS, you must specify HTTPS Transport protocol.

I suggest you try using custom binding (instead of WSHttpBinding which is preconfigured), with HttpsTransportBindingElement.

Your configuration would be similar to,

<customBinding>
    <binding name="myBinding">
        <reliabileSession />
        <security><!--Your security section falls in here -->
        </security>
        <httpsTransport/>
        <textMessageEncoding />
    </binding>
</customBinding>

You may refer to customBinding for more information.

Here is a code we were using this time: service:

ServiceHost host = new ServiceHost(typeof(DeviceObservationConsumer_hostPCDData), new Uri("https://<PCname>:777/TlsService/ServiceSecure"));
CustomBinding tlsbinding = new CustomBinding();
tlsbinding.Name = "TlsBinding";

HttpsTransportBindingElement httpsTransport = new HttpsTransportBindingElement();
tlsbinding.Elements.Add(httpsTransport);

ServiceDebugBehavior sdb = host.Description.Behaviors.Find<ServiceDebugBehavior>();
// If not, add one
if (sdb == null)
    sdb = new ServiceDebugBehavior();
sdb.IncludeExceptionDetailInFaults = true;

ServiceMetadataBehavior smb = host.Description.Behaviors.Find<ServiceMetadataBehavior>();
// If not, add one
if (smb == null)
    smb = new ServiceMetadataBehavior();
smb.HttpsGetEnabled = true;

host.Description.Behaviors.Add(smb);
host.Description.Behaviors.Add(sdb);
// Add MEX endpoint
host.AddServiceEndpoint(ServiceMetadataBehavior.MexContractName, MetadataExchangeBindings.CreateMexHttpsBinding(), "mex");
// Add application endpoint
host.AddServiceEndpoint(typeof(IDeviceObservationConsumer_Binding_Soap12), tlsbinding, "");

host.Credentials.ServiceCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, (string)"bd 35 ec c0 e6 b3 9a ac 74 09 09 c5 84 b8 fd 58 51 44 87 7d");
// hosting the WS
host.Open();

Client:

CustomBinding binding = new CustomBinding();
binding.Name = "TlsBinding";

HttpsTransportBindingElement httpsTransport = new HttpsTransportBindingElement();
binding.Elements.Add(httpsTransport);

EndpointAddress addr = new EndpointAddress("https://<PCname>:777/TlsService/ServiceSecure");

ChannelFactory<DeviceObservationConsumer_PortType> myChannelFactory = new ChannelFactory<DeviceObservationConsumer_PortType>(binding, addr);

DeviceObservationConsumer_PortType client = myChannelFactory.CreateChannel();

CommunicatePCDDataRequest req = new CommunicatePCDDataRequest("ciao mamma guarda come mi diverto!");
CommunicatePCDDataResponse resp = client.CommunicatePCDData(req);

myChannelFactory.Close();

The rest of the steps were done to enable the SSL looks good for u?

Thanks again for the response!

Liudmila