Problem calling WCF service internet

I am developing a WCF service that will be called by customer in internet. The service is hosted in IIS7 and accept only http. For clients call us from https we do is have a reverse proxy that forwards the request to the application https to http. The customer give a https url to connect and does so smoothly, adding the reference to the service properly. The problem comes when trying to create a client and add in your endpoint https and execute it, as it reads:

System.ArgumentException: The provided URI scheme 'https' is invalid,

expected 'http'. Parameter name: via.

I leave part of the service's web.config:

<bindings>
 <wsHttpBinding>
  <binding name="ConfigEP">
   <security mode="Message">
    <message clientCredentialType="Certificate" />
   </security>
  </binding>
 </wsHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true">
 <baseAddressPrefixFilters>
  <add prefix="http://serverInterno/App/"/>
 </baseAddressPrefixFilters>
</serviceHostingEnvironment>
<services>
 <service behaviorConfiguration="App.AppM_NameBehavior" name="App.AppM_Name">
  <endpoint address="" behaviorConfiguration="App.AppM_NameEPBehavior" binding="wsHttpBinding" bindingConfiguration="ConfigEP" name="App.AppM_NameEP" bindingNamespace="http://siteName/AppM_Name" contract="App.IAppM_Name" />
 </service>
</services>
<behaviors>
 <endpointBehaviors>
  <behavior name="App.AppM_NameEPBehavior">
   <wsdlExtensions location="https://urlsegura/App/Appm_Name.svc" singleFile="true" />
  </behavior>
 </endpointBehaviors>
 <serviceBehaviors>
  <behavior name="App.AppM_NameBehavior">
   <serviceDebug includeExceptionDetailInFaults="true" />
   <serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
   <serviceCredentials>
    <clientCertificate>
     <authentication customCertificateValidatorType="App.Validador, App" certificateValidationMode="Custom" />
    </clientCertificate>
    <serviceCertificate findValue="XX XX XX XX XX XX XX XX XX XX" x509FindType="FindBySerialNumber" />
   </serviceCredentials>
  </behavior>
 </serviceBehaviors>
</behaviors>
<extensions>
 <behaviorExtensions>
  <add name="wsdlExtensions" type="WCFExtras.Wsdl.WsdlExtensionsConfig, WCFExtras, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
 </behaviorExtensions>
</extensions>

and here the client's app.config:

<system.serviceModel>
 <behaviors>
  <endpointBehaviors>
   <behavior name="NewBehavior">
    <clientCredentials>
     <clientCertificate findValue="XX XX XX XX XX XX XX XX XX XX" x509FindType="FindBySerialNumber" />
    </clientCredentials>
   <开发者_如何学C;/behavior>
  </endpointBehaviors>
 </behaviors>
 <bindings>
  <wsHttpBinding>
   <binding name="App.AppM_NameEP" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
    <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
    <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />
    <security mode="Message">
     <transport clientCredentialType="None" proxyCredentialType="None" realm="" />
     <message clientCredentialType="Certificate" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true" />
    </security>
   </binding>
  </wsHttpBinding>
 </bindings>
 <client>
  <endpoint address="https://urlsegura/App/Appm_Name.svc" binding="wsHttpBinding" bindingConfiguration="App.AppM_NameEP" contract="App.IAppM_Name" name="App.AppM_NameEP">
   <identity>
    <certificate encodedValue="XXXX" />
   </identity>
  </endpoint>
 </client>
</system.serviceModel>

Thanks in advance. Best regards.

I think your error is being caused because you're using message based security on your configuration. Try changing it to Transport instead (in both the client and service configuration files), so that it uses SSL for security rather than encrypting the message.

You can use TransportWithMessageCredential if you absolutely must have the message encrypted also. Hope that helps.

I don't understand the reverse proxy you describe but it seems you're trying to support access from both HTTP & HTTPS. To do this, you will need to add a second endpoint. You'd configure the service something like this:

<wsHttpBinding>
 <binding name="ConfigEP">
  <security mode="Message">
   <message clientCredentialType="Certificate" />
  </security>
 </binding>
 <binding name="ConfigEPHttps">
  <security mode="TransportWithMessageCredential">
   <message clientCredentialType="Certificate" />
  </security>
 </binding>
</wsHttpBinding>

and this add the new endpoint:

<service behaviorConfiguration="App.AppM_NameBehavior" name="App.AppM_Name">
 <endpoint address="" behaviorConfiguration="App.AppM_NameEPBehavior"
   binding="wsHttpBinding"
   bindingConfiguration="ConfigEP"
   name="App.AppM_NameEP" 
   bindingNamespace="http://siteName/AppM_Name"
   contract="App.IAppM_Name" />
 <endpoint address="secure" behaviorConfiguration="App.AppM_NameEPBehavior"
   binding="wsHttpBinding"
   bindingConfiguration="ConfigEPHttps"
   name="App.AppM_NameEPHttps" 
   bindingNamespace="http://siteName/AppM_Name"
   contract="App.IAppM_Name" />
</service>

You also need make this change to get the WSDL over HTTPS:

<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />