0

My team has a small WCF Rest service written in .NET 4.0. Historically, it has been deployed on Server 2008 machines running IIS 7, using the following binding configuration:

<bindings>
  <webHttpBinding>
    <binding name="httpsBinding">
      <security mode="Transport"/>
    </binding>
  </webHttpBinding>
</bindings>

As one would expect, the service works just fine with HTTP or HTTPS, so long as the web server is configured with bindings for each.

However, when we install the service on a Server 2012 box running IIS 8, the service will work just fine via HTTPS, but requests over HTTP fail with a 404 status.

We have looked at the IIS configuration of the Server 2008 and Server 2012 machines, but there is nothing that stands out as an obvious culprit. All the settings appear to be the same.

Is there any extra configuration that needs to be done either in IIS or in the web config? There are plenty of questions out there on SO and MSDN about services which work with HTTP and not HTTPS, but none that I have seen for the reverse.

edit:

According to the WCF trace logs, the 2008 machine opens endpoint listeners on both HTTP and HTTPS, whereas the 2012 machine only opens an endpoint listener for HTTPS.

To be sure I am not missing anything on the service itself, I have installed the same MSI on both machines and even over-wrote the web.config on the 2012 box with the one from the 2008 box (though they should have been identical anyways). There is no change in behavior.

edit 2:

Below is the web.config in its entirety:

<?xml version="1.0"?>
<configuration>
  <appSettings/>
  <connectionStrings/>
  <system.web>
    <!--
            The <authentication> section enables configuration 
            of the security authentication mode used by 
            ASP.NET to identify an incoming user. 
        -->
    <authentication mode="None"/>
    <compilation targetFramework="4.0"/>
    <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/>
  </system.web>
  <system.serviceModel>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
    <services>
      <service name="service1">
        <endpoint behaviorConfiguration="webHttp" binding="webHttpBinding" bindingConfiguration="httpsBinding" contract="service1"/>
      </service>
      <service name="service2">
        <endpoint behaviorConfiguration="webHttp" binding="webHttpBinding" bindingConfiguration="httpsBinding" contract="service2"/>
      </service>
      <service name="service3">
        <endpoint behaviorConfiguration="webHttp" binding="webHttpBinding" bindingConfiguration="httpsBinding" contract="service3"/>
      </service>
    </services>
    <bindings>
      <webHttpBinding>
        <binding name="httpsBinding">
          <security mode="Transport"/>
        </binding>
      </webHttpBinding>
    </bindings>
    <behaviors>
      <endpointBehaviors>
        <behavior name="webHttp">
          <webHttp/>
        </behavior>
      </endpointBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>
Dan Lyons
  • 219
  • 4
  • 12
  • You only show us the 404 you receive at the client side, while you should be diagnosing this from the server side. What do your IIS logs say about the exact cause of the error? What does WCF Tracing tell you, does the message end up in the WCF pipeline? Do non-WCF requests work on the same application? – CodeCaster Jan 14 '14 at 23:49
  • 1
    The HTTP status 404 code usually means the URL you're using can't be mapped to a service operation. If there was an authentication error you'd be getting a 403. Try [enabling WCF tracing](http://stackoverflow.com/questions/4271517/how-to-turn-on-wcf-tracing) to ensure that the HTTP requests are getting past IIS to the WCF pipeline. – Sixto Saez Jan 15 '14 at 02:43
  • Can you please show the rest of your service config. – Phil Degenhardt Jan 16 '14 at 21:08

1 Answers1

1

Add an HTTP endpoint for each service like this: 

<endpoint behaviorConfiguration="webHttp" binding="webHttpBinding" bindingConfiguration="httpBinding" contract="service3"/>

And associated binding for HTTP only:

<binding name="httpBinding">
    <security mode="None"/>
</binding>
Joe
  • 1,043
  • 2
  • 12
  • 21