Our client is getting below error when they try to call the web service via HTTPS request.
'There was no endpoint listening at https://XXXXXX/XXXX.svc - The remote server returned an error: (403) Forbidden.'
But the interesting part is, client successfully connects using the port which was used by the previous version. But new ports are not working. which means still client can call the new service using the old port. But once we change the bindings to the new https port, client is getting above error.
Below checks have been completed already.
1) Client can successfully access the URL from their server.
2) No firewall rules placed for the newly created port.
2) SSL root certificates are placed in the Trusted Root Certification folder.
Please let me know if you have any idea regarding this issue?
Thank you
According to your description, it seems that you may missed the https setting in the wcf application web.config file.
The following is a complete example of a web.config file for a WCF service using HTTPs.
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<services>
<service name="MySecureWCFService.Service1">
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="secureHttpBinding"
contract="MySecureWCFService.IService1"/>
<endpoint address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="secureHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpsGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
</configuration>
More details, you could refer to this article.
Thank you for your time all.
Proxy Server was blocking the requests come through the specific ports. Issue has been resolved after adding the ports into the proxy server.
Error Message:
[EndpointNotFoundException: There was no endpoint listening at "Link/MobileMotivation.asmx" that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.]
This is a MVC4 applcation, it works fine on the local machine. However when I implement it to the server which is the same server as the web service, it shows the error message.
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="MobileMotivationSoap" />
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://stuiis.cms.gre.ac.uk/bb116/FinalYear2/FinalYear2/MobileMotivation.asmx"
binding="basicHttpBinding" bindingConfiguration="MobileMotivationSoap"
contract="MobileMotivationService.MobileMotivationSoap" name="MobileMotivationSoap" />
</client>
You might need to edit the anonymous authentication settings.
Go to:
Server Manager
IIS
Connections > Sites > YourSite
Click Authentication > Enable
At this point you can select application pool identity.
More details here: A web site code can't connect to a soap service on the same server
I have built an http based web service application with WCF and everything works. Now I try to convert it to run over https instead, but I can’t get it to work properly. I only receive "Bad Request". Currently this web service is running on IIS 7.5 and .NET 4.5. Anyone knows what i shall do to convert it from http to https and what I shall change on client side to be able to request an https web service instead of http.
Thx in advanced!
For Services Configuration use this
<services>
<service behaviorConfiguration="webServiceClientBehavior" name="My.Service.ServiceName">
<endpoint address="http://localhost/WCFClient" binding="basicHttpBinding" bindingConfiguration="secureBinding" contract="My.Service.IServiceName"/>
</service>
For Binding Configuration use below
<bindings>
<basicHttpBinding>
<binding name="secureBinding">
<security mode="Transport" />
</binding>
</basicHttpBinding>
For behavior configuration use below
<serviceBehaviors>
<behavior name="webServiceClientBehavior">
<!--For MetaData-->
<serviceMetadata httpGetEnabled="true" httpGetUrl="http://localhost/WCFClientMD"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
I've installed MDS on our dev server and I can navigate through(and perform various functionality such as add users or create, add entities). I can't however get into the "Explorer". In here I get two Silverlight errors.
[HttpWebRequest_WebException_RemoteServer]
Arguements: Not Found
Debugging resource string are unavailable
etc....
The server is Win 2008 R2 Standard
IIS is 6.1 (Build 7601 SP1)
We're running SQL Server 2012
The client is running SL5 and the SL5 SDK
IIS is set up to run SSL and Win Auth(according to the trace logs, this is working, it's getting the principal). Everything else is Disabled
IIS can connect to the DB(via Database Manager in the Management section)
This is happening across all major browsers(IE, chrome, FF).
I have turned on trace logs for MDS(set to Verbose) and I don't see any errors/warnings
I ran SQL profilier as well and didn't see anything that would lead me to believe and error has occurred sql side.
The Event Viewer also doesn't have anything in it related to MDS/Silverlight.
I'm not sure if/how I can remote debug to the MDS website(it's preinstalled and precompiled)
A couple of snippets from the web.config
<bindings>
<wsHttpBinding>
<binding name="mdsWsHttpBinding" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
<readerQuotas maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxDepth="2147483647" maxNameTableCharCount="2147483647" maxStringContentLength="2147483647" />
<!--Non-SSL implementations.-->
<security mode="Transport">
<message clientCredentialType="UserName" />
<transport clientCredentialType="Windows">
<extendedProtectionPolicy policyEnforcement="WhenSupported" />
</transport>
</security>
</binding>
</wsHttpBinding>
<basicHttpBinding>
<binding name="mdsBasicHttpBinding" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
<readerQuotas maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxDepth="2147483647" maxNameTableCharCount="2147483647" maxStringContentLength="2147483647" />
<!-- Non-SSL implementations.-->
<security mode="TransportCredentialOnly">
<message clientCredentialType="UserName" />
<transport clientCredentialType="Windows">
<extendedProtectionPolicy policyEnforcement="WhenSupported" />
</transport>
</security>
</binding>
</basicHttpBinding>
</bindings>
.. <snip> ...
<system.diagnostics>
<sources>
<!-- Adjust the switch value to control the types of messages that should be logged.
Use the a switchValue of Verbose to generate a full log. Please be aware that
the trace file can get quite large very quickly -->
<source name="MDS" switchType="System.Diagnostics.SourceSwitch" switchValue="All">
<listeners>
<add name="LogFileListener" type="System.Diagnostics.TextWriterTraceListener" initializeData="C:\Program Files\Microsoft SQL Server\110\Master Data Services\WebApplication\trace.log" traceOutputOptions="DateTime" />
<add name="EtwListener" type="System.Diagnostics.Eventing.EventProviderTraceListener, System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" initializeData="{F2A341B8-CA5F-49ad-B00C-A82D3FCF948B}" />
<remove name="Default" />
</listeners>
</source>
</sources>
<trace autoflush="true" />
If anyone thinks the trace logs will help(or anything else), I can post them up(but they're huge).
My question is:
How can I debug, or somehow get a better error message, to point me in the right direction?
EDIT:
To add I found this in the trace log:
MDS Error: 0 : Service started successfully, Assembly version: 11.0.0.0, file version: 11.0.3000.0 ((SQL11_PCU_Main).121019-1325 )
DateTime=2013-01-07T15:09:14.1660484Z
MDS Error: 0 : ApiContractVersion: 5102
DateTime=2013-01-07T15:09:14.2753968Z
EDIT 2:
I've been able to dig out another error(after many config changes).
at Microsoft.MasterDataServices.Core.BusinessLogic.Member.GetEntityMembers(EntityMembers members, RequestContext context, OperationResult results)
SQL Error Debug Info: Number: 229, Message: The EXECUTE permission was denied on the object 'MemberGetCriteria', database 'MDS', schema 'mdm'., Server: SERVERNAME, Proc: , Line: 0
:
For some reason "MemberGetCriteria" is having some permissions errors.
Two things about permissions with the service account running the application pool in IIS:
1) It must have "Logon as a Batch" rights as per IIS requirements for running an application pool;
2) If you are requiring client certificates on your MDS website, MDS isn't set up to use certificates from the IIS web application to the MDS\Service\service.svc\bhh call, so you will need to make client certificates optional when that service is called.
web.config: I see you set up attempted to set up "Transport" / HTTPS security for the two WCF end-points but left tags instead of tags. You must make sure you did not mix and match the SSL and non-SSL sections and that you only commented the Windows / NTLM (or Kerberos if set up in the back-end) security mode section out, and uncommented the "SSL Implementation" section.
My WCF serice seems to be using the computer-name instead of the domain name. When I view the MyService.svc?wsdl link it is showing my computer name.
Where do I add my domain name in the web.config? Endpoint address, baseaddress or identity?
Note: I am using SSL so it has to be https://www.example.com/myservice.svc
WCF 4.0 has solved this issue in some instances with a new config option that use Request Headers:
<behaviors>
<serviceBehaviors>
<behavior name="AutoVaultUploadBehavior">
<useRequestHeadersForMetadataAddress>
<defaultPorts>
<add scheme="https" port="443" />
</defaultPorts>
</useRequestHeadersForMetadataAddress>
For IIS7 you don't add it to web.config, but to the IIS configuration file.
First off edit the bindings for your web site so the HTTP protocol specifies a host name if you haven't already - this will ensure it gets the correct name under HTTP.
Navigate to C:\Windows\System32\inetsrv\config and open applicationHost.config
Look for the sites section. You will see something like the following
<sites>
<site name="Default Web Site" id="1">
<application path="/">
<virtualDirectory path="/" physicalPath="%SystemDrive%\inetpub\wwwroot" />
</application>
<bindings>
<binding protocol="http" bindingInformation="*:80:puck" />
<binding protocol="net.tcp" bindingInformation="808:*" />
<binding protocol="net.pipe" bindingInformation="*" />
<binding protocol="net.msmq" bindingInformation="localhost" />
<binding protocol="msmq.formatname" bindingInformation="localhost" />
<binding protocol="http" bindingInformation="*:80:puck.idunno.org" />
<binding protocol="http" bindingInformation="*:80:localhost" />
<binding protocol="https" bindingInformation="*:443:" />
</bindings>
</site>
....
</sites>
You can see that the bindings for the http protocol specify a host header, but https doesn't. When you're web browsing you can't use host headers over HTTPS, but WCF still uses it when generating the WSDL - if it can't find one it will fall back to the machine name.
So all you need to do is edit the HTTPS binding like so
<binding protocol="https" bindingInformation="*:443:puck" />
appending the correct FQDN to the end of the binding information. Reset IIS and WCF should get it right now.
The IIS6 solution has already been posted by darin
As stated in this link WCF is using the computer name instead of the IP address and cannot be resolved
It solved my problem, maybe because i have multiple web sites in the same host, and is very simple.
<system.serviceModel>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
To fix this problem Configure the httpGetEnabled attribute and httpsGetEnabled attribute in web.config file
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
We're using WCFExtras to change the name of the host.
WCFExtras is a small open source library that will allow you to write the following to change the host name:
<behaviors>
<endpointBehaviors>
<behavior name="xxx">
<wsdlExtensions location="http://some-hostname-visible-from-outside/path-to-a-service/service.svc" singleFile="True" />
</behavior>
...
just adding
<useRequestHeadersForMetadataAddress></useRequestHeadersForMetadataAddress> to the solved my issue.
It seems that WCF 4.0 takes care of the Headers by adding this
I was using SSL for accessing the WCF Service.
I have added solutions here, http://knowledgebaseworld.blogspot.com/2010/06/domain-name-replaced-with-machine-name.html. it should work for you all as its working fine with me on local, staging and production without doing binding on iis
None of these solutions were helpful to me. I was able to solve this with a very simple custom Service Factory.
Installing a WCF Service on a Shared Hosting Site, Revisited
Have you tried setting the host header in IIS?
Although its an old posting, here is an answer.
Under Service Behaviour --> ServiceMetaData add service url.
Please note if you do not add myService, it will throw another error.
I had this very issue with my production server. I have found various articles on the multiple host headers with IIS and WCF issue, but if you are using SSL, you cannot add a host header to the website identities within the IIS UI, you can only add them to normal HTTP identities:
However you can add SSL host headers via a command prompt script, and this solved the issue for me:
cscript.exe adsutil.vbs set /w3svc/<site identifier>/SecureBindings ":443:<host header>"
For more information on this see this link: http://blumenthalit.net/blog/Lists/Posts/Post.aspx?ID=14
This post solved it for me. I needed to associate my domain name with my IP address and website in IIS.
http://www.codemeit.com/wcf/wcf-wsdl-xsdimport-schemalocations-link-to-local-machine-name-not-domain-name-while-hosted-in-iis.html
Thanks to Kanasz Robert.
Steps that solved my problem -
1.Produce the wsdl in the browser and save to file (by hitting .svc?wsdl from browser) save as .wsdl
Produce the xsd files by hitting url from wsdl (xsd=xsd0, etc), and save to file from browser, save as .wsdl
replace all machine name references from wsdl with domain name (or ip address) and change xsd references and save AND replace all machine name references from xsd files with domain name (or ip address)
make sure to name xsd file with .xsd extension (ie, name0.xsd, name1.xsd, name2.xsd)
copy wsdl and xsd file(s) to virtual directory
add to your web.config following lines:
<behaviors>
<serviceBehaviors>
<behavior name="MyServiceBehavior">
<serviceMetadata httpGetEnabled="true" externalMetadataLocation="http://IPorDomainName/MyServices/FileTransferService.wsdl" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>