
I am running IIS 7.5 and I have an SSL cert for my ASP.NET MVC website. My service is complementary to my website, so I access the website with https://www.example.com and I access my service via https://www.example.com/MyService/Service1.svc.

I have code that works for HTTP, but I have been trying to migrate it to HTTPS, and whatever example I find on the web (Microsoft, Stack Overflow, YouTube, etc.), they all kind of do it the same way, but for some reason I can't get my code to run. Can anyone please help me out?

Visual Studio Error Message when "Add Service Reference" is used: "There was an error downloading 'https://www.example.com/MyService/Service1.svc?wsdl/$metadata'. The request was aborted: Could not create SSL/TLS secure channel. Metadata contains a reference that cannot be resolved: 'https://www.example.com/MyService/Service1.svc?wsdl'. Could not establish secure channel for SSL/TLS with authority 'www.example.com'. The request was aborted: Could not create SSL/TLS secure channel. If the service is defined in the current solution, try building the solution and adding the service reference again."

On my server if I go into IIS Manager and click on my service and click on Browse www.example.com on *.443(https) I get a directory listing, which is one of the items I turned on in web.config.

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <configSections>
    <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
    <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
  </configSections>
  <appSettings>
    <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
    <!--Email Information-->

  </appSettings>
  <!--
    For a description of web.config changes see http://go.microsoft.com/fwlink/?LinkId=235367.

    The following attributes can be set on the <httpRuntime> tag.
      <system.Web>
        <httpRuntime targetFramework="4.5" />
      </system.Web>
  -->
  <system.web>
    <customErrors mode="Off"/>
    <compilation debug="true" targetFramework="4.7" />
    <httpRuntime targetFramework="4.7" />
  </system.web>
  <system.serviceModel>

    <bindings>
      <wsHttpBinding>
        <binding name="secureHttpBinding">  
            <security mode="Transport">  
                <transport clientCredentialType="None"/>  
            </security>  
        </binding>  
      </wsHttpBinding>
    </bindings>
    <services>
      <service name="MyService.MyServiceOperations"  behaviorConfiguration="MyServiceBehavior">
        <host>
            <baseAddresses>
                <add baseAddress="https://www.example.com"/>
            </baseAddresses>
        </host>
        <endpoint address="basic1" binding="wsHttpBinding" bindingConfiguration="secureHttpBinding" contract="MyService.IUserOperations" />
        <endpoint address="basic1" binding="wsHttpBinding" bindingConfiguration="secureHttpBinding" contract="MyService.IPaymentOperations" />
        <endpoint address="basic1" binding="wsHttpBinding" bindingConfiguration="secureHttpBinding" contract="MyService.ILocationOperations" />
        <endpoint address="basic1" binding="wsHttpBinding" bindingConfiguration="secureHttpBinding" contract="MyService.IInfoOperations" />
        <endpoint address="basic1" binding="wsHttpBinding" bindingConfiguration="secureHttpBinding" contract="MyService.IServiceLocationOperations" />
        <endpoint address="basic1" binding="wsHttpBinding" bindingConfiguration="secureHttpBinding" contract="MyService.IHelperOperations" />
        <endpoint address="basic1" binding="wsHttpBinding" bindingConfiguration="secureHttpBinding" contract="MyService.IReporting" />
        <endpoint address="basic1" binding="wsHttpBinding" bindingConfiguration="secureHttpBinding" contract="MyService.ISubItems" />
        <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="MyServiceBehavior">
          <!-- To avoid disclosing metadata information, set the values below to false before deployment -->
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="true" />
        </behavior>
      </serviceBehaviors>
      <endpointBehaviors>
        <behavior name="jsonEndPoints">
          <webHttp />
        </behavior>
      </endpointBehaviors>
    </behaviors>

    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true" />
    <!--
        To browse web app root directory during debugging, set the value below to true.
        Set to false before deployment to avoid disclosing web app folder information.
      -->
    <directoryBrowse enabled="true" />
  </system.webServer>
  <connectionStrings>
    <!--DB Connection Strings Have been Removed-->
  </connectionStrings>
  <entityFramework>
    <defaultConnectionFactory type="System.Data.Entity.Infrastructure.LocalDbConnectionFactory, EntityFramework">
      <parameters>
        <parameter value="v13.0" />
      </parameters>
    </defaultConnectionFactory>
    <providers>
      <provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" />
     <provider invariantName="MySql.Data.MySqlClient" type="MySql.Data.MySqlClient.MySqlProviderServices, MySql.Data.EntityFramework, Version=8.0.13.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d"></provider>
    </providers>
  </entityFramework>
  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="MySql.Data" publicKeyToken="c5687fc88969c44d" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-8.0.13.0" newVersion="8.0.13.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Google.Protobuf" publicKeyToken="a7d26565bac4d604" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-3.6.1.0" newVersion="3.6.1.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.EntityFrameworkCore" publicKeyToken="adb9793829ddae60" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-2.1.4.0" newVersion="2.1.4.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Interactive.Async" publicKeyToken="94bc3704cddfc263" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-3.2.0.0" newVersion="3.2.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Remotion.Linq" publicKeyToken="fee00910d6e5f53b" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-2.2.0.0" newVersion="2.2.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Extensions.Logging.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-2.1.1.0" newVersion="2.1.1.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Extensions.DependencyInjection.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-2.1.1.0" newVersion="2.1.1.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Diagnostics.DiagnosticSource" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-4.0.3.1" newVersion="4.0.3.1" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Extensions.DependencyInjection" publicKeyToken="adb9793829ddae60" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-2.1.1.0" newVersion="2.1.1.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.ComponentModel.Annotations" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-4.2.1.0" newVersion="4.2.1.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Extensions.Caching.Abstractions" publicKeyToken="adb9793829ddae60" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-2.1.2.0" newVersion="2.1.2.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Extensions.Caching.Memory" publicKeyToken="adb9793829ddae60" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-2.1.2.0" newVersion="2.1.2.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Runtime.CompilerServices.Unsafe" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-4.0.4.1" newVersion="4.0.4.1" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Extensions.Primitives" publicKeyToken="adb9793829ddae60" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-2.1.6.0" newVersion="2.1.6.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Buffers" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-4.0.3.0" newVersion="4.0.3.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Numerics.Vectors" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-4.1.4.0" newVersion="4.1.4.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-5.2.7.0" newVersion="5.2.7.0" />
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
</configuration>

------Update with the only error codes that could be found-----

Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 1/13/2019 10:56:55 PM
Event time (UTC): 1/14/2019 5:56:55 AM
Event ID: ccf077ec0a414d6bb71d178ba496cec1
Event sequence: 2
Event occurrence: 1
Event detail code: 0

Application information:
    Application domain: /LM/W3SVC/2/ROOT-17-131919190153815312
    Trust level: Full
    Application Virtual Path: /
    Application Path: C:\inetpub\wwwroot{Path}
    Machine name: WEB

Process information:
    Process ID: 3848
    Process name: w3wp.exe
    Account name: IIS APPPOOL\ASP.NET v4.0

Exception information:
    Exception type: HttpException
    Exception message: The provided URI scheme 'https' is invalid; expected 'http'. Parameter name: via
    at System.Web.HttpApplicationFactory.EnsureAppStartCalledForIntegratedMode(HttpContext context, HttpApplication app)
    at System.Web.HttpApplication.RegisterEventSubscriptionsWithIIS(IntPtr appContext, HttpContext context, MethodInfo[] handlers)
    at System.Web.HttpApplication.InitSpecial(HttpApplicationState state, MethodInfo[] handlers, IntPtr appContext, HttpContext context)
    at System.Web.HttpApplicationFactory.GetSpecialApplicationInstance(IntPtr appContext, HttpContext context)
    at System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext)

The provided URI scheme 'https' is invalid; expected 'http'. Parameter name: via
    at System.ServiceModel.Channels.TransportChannelFactory1.ValidateScheme(Uri via)
    at System.ServiceModel.Channels.HttpChannelFactory1.ValidateCreateChannelParameters(EndpointAddress remoteAddress, Uri via)
    at System.ServiceModel.Channels.HttpChannelFactory1.OnCreateChannelCore(EndpointAddress remoteAddress, Uri via)
    at System.ServiceModel.Channels.ChannelFactoryBase1.InternalCreateChannel(EndpointAddress address, Uri via)
    at System.ServiceModel.Channels.ServiceChannelFactory.ServiceChannelFactoryOverRequest.CreateInnerChannelBinder(EndpointAddress to, Uri via)
    at System.ServiceModel.Channels.ServiceChannelFactory.CreateServiceChannel(EndpointAddress address, Uri via)
    at System.ServiceModel.Channels.ServiceChannelFactory.CreateChannel(Type channelType, EndpointAddress address, Uri via)
    at System.ServiceModel.ChannelFactory1.CreateChannel(EndpointAddress address, Uri via)
    at System.ServiceModel.ClientBase1.CreateChannel()
    at System.ServiceModel.ClientBase1.CreateChannelInternal()
    at System.ServiceModel.ClientBase1.get_Channel()
    at TruckIt.TruckItWebOps.LocationOperationsClient.GetStates(Int32 CountryId) in C:\Users\User\Desktop{Path}\Reference.cs:line 6107
    at MyService.MvcApplication.Application_Start() in C:\Users\User\Desktop{path}\Global.asax.cs:line 41

Request information:
    Request URL: https://www.example.com:443/
    Request path: /
    User host address: 192.168.1.1
    User:
    Is authenticated: False
    Authentication Type:
    Thread account name: IIS APPPOOL\ASP.NET v4.0

Thread information:
    Thread ID: 43
    Thread account name: IIS APPPOOL\ASP.NET v4.0
    Is impersonating: False
    Stack trace:
    at System.Web.HttpApplicationFactory.EnsureAppStartCalledForIntegratedMode(HttpContext context, HttpApplication app)
    at System.Web.HttpApplication.RegisterEventSubscriptionsWithIIS(IntPtr appContext, HttpContext context, MethodInfo[] handlers)
    at System.Web.HttpApplication.InitSpecial(HttpApplicationState state, MethodInfo[] handlers, IntPtr appContext, HttpContext context)
    at System.Web.HttpApplicationFactory.GetSpecialApplicationInstance(IntPtr appContext, HttpContext context)
    at System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext)

Custom event details:

Mike
  • What is the error message you get when trying to establish the HTTPS connection to the service? Have you tried enabling [message logging](https://learn.microsoft.com/en-us/dotnet/framework/wcf/samples/tracing-and-message-logging)? – slugster Jan 14 '19 at 03:58
  • There is no error. I can go to a browser not on the server and type in the URL of the service and it pops up with all of the details for the WCF service. It just doesn't want to connect in Visual Studio. – Mike Jan 14 '19 at 05:40
  • Also, I haven't tried message logging yet. I will try that next. Thanks for the tip – Mike Jan 14 '19 at 05:46
  • I added the only error codes I could find. – Mike Jan 14 '19 at 06:30
  • It seems your website couldn't provide a secure connection. Maybe you could refer to the link to learn how to configure your website to enable HTTPS in WCF: [https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-configure-an-iis-hosted-wcf-service-with-ssl](https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-configure-an-iis-hosted-wcf-service-with-ssl) – Ackelry Xu Jan 14 '19 at 07:32
  • LOL.. Well, as I said before, I have already gone through that page. And that page is a crap page for describing how it's done. Microsoft definitely dropped the ball when they created that page. It's also apparent that you don't know how to solve the problem because all you can do is point to another page. I have listed all of the details that I can find on the server. That is what we have to work with. The difference between the Microsoft page and what I am doing is that I am not creating a self-signed cert. I actually have a cert from a CA. – Mike Jan 14 '19 at 14:27
  • What happens when you browse the .svc file in IIS, i.e. https://www.example.com/MyService/Service1.svc? Also, if you double-click the certificate you are using in IIS, does it have any errors? Sometimes you have to add the CA root cert and all that. I personally had the latter issue some time back: https://stackoverflow.com/questions/19670190/wcf-could-not-establish-trust-relationship-for-the-ssl-tls-secure-channel-with/19670426#19670426 – Popo Jan 14 '19 at 18:07
  • I want to say thank you to all of you who gave intellectual feedback. I did find my problem. I thought about it a long time ago, but I quickly dismissed it. – Mike Jan 14 '19 at 20:47

1 Answer

For all of those that gave me an intellectual response, thank you. For the stupid people that just direct you to another page, Good Luck in Life! Life is full of mediocre people and I guarantee you they don't get far.

As for the answer: So my service would respond through a web browser, all browsers. So I knew it wasn't a web.config problem. So I went back and investigated an original thought, that I was having a TLS and SSL problem.

  1. Visit this website https://www.ssllabs.com/ssltest/analyze.html?d=casnet.casusa.com&latest

  2. That website will tell you what problems you might be having. In my case I was running extremely old versions of TLS and SSL on my server.

  3. I updated my SSL using this method: https://social.technet.microsoft.com/Forums/office/en-US/02241093-187d-41e4-a0fe-1cd19331a9a2/how-to-enable-ssl-v3-on-windows-2008?forum=winserversecurity

  4. I updated my TLS 1.1 & 1.2 using this method: https://tecadmin.net/enable-tls-on-windows-server-and-iis/

  5. I then had to update the above SSL and TLS on my personal computer in the Registry and instead of inserting a "Server" key I ended up installing a "Client" key.

After updating those security protocols, I was able to connect via Visual Studio 2017 latest version as of 1/14/2019. Again, I am extremely grateful to those who tried to put some work in and give me an answer.

Mike
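A read-only way to see the settings that steps 3 to 5 of the answer change, on both the server and the development machine, as an added example that is not part of the original answer. It assumes the standard SCHANNEL `Protocols` registry layout, and it goes slightly beyond the answer by also reading the .NET Framework values `SchUseStrongCrypto` and `SystemDefaultTlsVersions`, which the page does not mention and which matter only if the connecting client is a .NET Framework application.

```powershell
# Added example: read-only audit; nothing here writes to the registry.
$schannel = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

# Return a DWORD value, or $null when the key or the value does not exist.
function Get-DwordOrNull {
    param([string]$Path, [string]$Name)
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    $item = Get-ItemProperty -LiteralPath $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

# Turn the two SCHANNEL values into a readable state.
# Enabled is commonly written as 1 or 0xffffffff, so any non-zero value counts.
function Resolve-ProtocolState {
    param($Enabled, $DisabledByDefault)
    if ($null -eq $Enabled -and $null -eq $DisabledByDefault) { return 'OS default (no override)' }
    if ($null -ne $Enabled -and $Enabled -eq 0) { return 'disabled' }
    if ($null -ne $DisabledByDefault -and $DisabledByDefault -ne 0) {
        return 'off unless an application requests it'
    }
    return 'enabled'
}

# One row per protocol and role: "Server" governs inbound connections (IIS),
# "Client" governs outbound connections made from this machine.
function Get-SchannelProtocolState {
    foreach ($proto in 'SSL 2.0', 'SSL 3.0', 'TLS 1.0', 'TLS 1.1', 'TLS 1.2') {
        foreach ($role in 'Client', 'Server') {
            $key     = Join-Path $schannel "$proto\$role"
            $enabled = Get-DwordOrNull $key 'Enabled'
            $offDef  = Get-DwordOrNull $key 'DisabledByDefault'
            New-Object PSObject -Property @{
                Protocol = $proto; Role = $role
                Enabled = $enabled; DisabledByDefault = $offDef
                State = Resolve-ProtocolState $enabled $offDef
            } | Select-Object Protocol, Role, Enabled, DisabledByDefault, State
        }
    }
}

# .NET Framework 4.x TLS defaults, for 64-bit and 32-bit processes.
function Get-DotNetTlsDefaults {
    foreach ($hive in 'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319',
                      'HKLM:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319') {
        New-Object PSObject -Property @{
            Key = $hive
            SchUseStrongCrypto = Get-DwordOrNull $hive 'SchUseStrongCrypto'
            SystemDefaultTlsVersions = Get-DwordOrNull $hive 'SystemDefaultTlsVersions'
        } | Select-Object Key, SchUseStrongCrypto, SystemDefaultTlsVersions
    }
}

Get-SchannelProtocolState | Format-Table -AutoSize
Get-DotNetTlsDefaults     | Format-Table -AutoSize
```

A row reading "OS default" means no override key exists for that protocol and role; on Windows 7 and Windows Server 2008 R2 (the IIS 7.5 generation), TLS 1.1 and TLS 1.2 are supported but stay disabled until such keys are created. Run it on both machines and compare the server's "Server" rows with the workstation's "Client" rows: the two sides need at least one protocol version in common.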