0

I have following rest windows service which works perfectly over HTTP

Uri[] httpBaseAddress = new Uri[] { new Uri("http://localhost:8464/SupportRemote") };

serviceHost = new ServiceHost(typeof(Service.SupportRemoteService), httpBaseAddress);
var Binding = new WebHttpBinding();
ServiceEndpoint endpoint = serviceHost.AddServiceEndpoint(typeof(Model.ISupportRemoteService), Binding, "Rest");
endpoint.Behaviors.Add(new WebHttpBehavior());

foreach (ServiceEndpoint EP in serviceHost.Description.Endpoints)
   EP.Behaviors.Add(new BehaviorAttribute());

var serviceBehavior = new ServiceMetadataBehavior();
serviceBehavior.HttpGetEnabled = true;
serviceHost.Description.Behaviors.Add(serviceBehavior);
serviceHost.Open();

Now i want to move it over HTTPS with self-signed certificate, but the service does not work. i don`t know where the problem is

Uri[] httpBaseAddress = new Uri[] { new Uri("https://localhost:8464/SupportRemote") };

serviceHost = new ServiceHost(typeof(Service.SupportRemoteService), httpBaseAddress);
var Binding = new WebHttpBinding(WebHttpSecurityMode.Transport);
Binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
ServiceEndpoint endpoint = serviceHost.AddServiceEndpoint(typeof(Model.ISupportRemoteService), Binding, "Rest");
endpoint.Behaviors.Add(new WebHttpBehavior());

foreach (ServiceEndpoint EP in serviceHost.Description.Endpoints)
   EP.Behaviors.Add(new BehaviorAttribute());

var serviceBehavior = new ServiceMetadataBehavior();
serviceBehavior.HttpGetEnabled = false;
serviceBehavior.HttpsGetEnabled = true;
serviceHost.Description.Behaviors.Add(serviceBehavior);
serviceHost.Credentials.ServiceCertificate.SetCertificate("CN=MyCertificate", System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine, System.Security.Cryptography.X509Certificates.StoreName.Root);
serviceHost.Open();
Hadi Mohammadi
  • 314
  • 2
  • 5
  • 20
  • refer http://www.allenconway.net/2012/05/creating-wcf-restful-service-and-secure.html – kowsikbabu Feb 12 '19 at 08:36
  • "does not work" is not a problem statement. [Please be more specific.](https://idownvotedbecau.se/itsnotworking/) – Tom W Feb 15 '19 at 10:04
  • I have made a demo, please refer to my reply.https://stackoverflow.com/questions/54734264/wcf-service-over-https-without-iis-with-ssl-certificate-from-cert-and-key-strin/54743403#54743403 – Abraham Qian Feb 18 '19 at 08:50

1 Answers1

0

It seems that you have set up the server certificate on the server side, while there is one thing we must be noted. the application does not have privilege to binding the certificate to port by default. we might bind the certificate to the port manually.

netsh http add sslcert ipport=0.0.0.0:8000 certhash=0000000000003ed9cd0c315bbb6dc1c08da5e6 appid={00112233-4455-6677-8899-AABBCCDDEEFF}

Here is the official document, wish it is useful to you.
https://learn.microsoft.com/en-us/windows/desktop/http/add-sslcert
https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-configure-a-port-with-an-ssl-certificate
Besides, you had better use the localSystem account to host windows service in case there is a problem enabling the application occupancy port.
Feel free to let me know if there is anything I can help with.

Abraham Qian
  • 7,117
  • 1
  • 8
  • 22