I got error:
System.ArgumentException: „The provided URI scheme 'http' is invalid; expected 'https'. Parameter name: via”
My xml code look like this:
<system.serviceModel>
<bindings>
<customBinding>
<binding name="serviceSoapBinding">
<security allowInsecureTransport="true" enableUnsecuredResponse="true" includeTimestamp="false"
authenticationMode='CertificateOverTransport'
defaultAlgorithmSuite="Basic256"
requireDerivedKeys="true"
messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
</security>
<textMessageEncoding messageVersion="Soap11"></textMessageEncoding>
<httpsTransport maxReceivedMessageSize="2000000000"/>
</binding>
</customBinding>
</bindings>
<client>
<endpoint address="http://...Service"
binding="customBinding" bindingConfiguration="serviceSoapBinding"
contract="service.service" name="servicePort" >
</endpoint>
</client>
</system.serviceModel>
Changing http to https is not a solution, because I need http. I think I must change authenticationMode*
, but I don't know which mode is right in my situation.
In my case client is authenticated by X509Certificate
and service uses http
protocol.
CodePudding user response:
DavidG appears to be correct about the CertificateOverTransport requirements. https://docs.microsoft.com/en-us/dotnet/api/system.servicemodel.configuration.authenticationmode?view=netframework-4.8
CertificateOverTransport 2 Specifies that the initiator is authenticated by an X.509 version 3 certificate, and that the responder is authenticated by SSL over HTTPS.
One of the others might work better, but as has been mentioned, not using https is considered highly irregular now. That said, one of these would likely be your best bet.
MutualCertificate 9
Specifies that the initiator and responder are authenticated with X.509 version 3 certificates.
MutualCertificateDuplex 10
Specifies that the initiator and responder are authenticated with X.509 version 3 certificates.
MutualSslNegotiated 11
Specifies that the initiator and responder mutually authenticate each other using X509 version 3 certificates, and the responder's certificate is available from the SOAP SSL negotiation.