Configuring HTTP and HTTPS - WCF (2024)

Table of Contents
In this article Configuring namespace reservations Configuring a firewall exception Configuring SSL certificates Configuring the IP Listen List Other configuration settings See also
  • Article

WCF services and clients can communicate over HTTP and HTTPS. The HTTP/HTTPS settings are configured by using Internet Information Services (IIS) or through the use of a command-line tool. When a WCF service is hosted under IIS HTTP or HTTPS settings can be configured within IIS (using the inetmgr.exe tool). If a WCF service is self-hosted, HTTP or HTTPS settings are configured by using a command-line tool.

At a minimum, you want to configure a URL registration and add a Firewall exception for the URL your service will be using. You can configure these settings with the Netsh.exe tool.

See Also
How to add an SSL and increase site security — 2024 guideWe’re here to helpConfiguring Windows Communication Foundation for HTTPSWhat is a TLS/SSL Port? | TCP Ports | Encryption Consulting

Configuring namespace reservations

Namespace reservation assigns the rights for a portion of the HTTP URL namespace to a particular group of users. A reservation gives those users the right to create services that listen on that portion of the namespace. Reservations are URL prefixes, meaning that the reservation covers all subpaths of the reservation path. Namespace reservations permit two ways to use wildcards. The HTTP Server API documentation describes the order of resolution between namespace claims that involve wildcards.

A running application can create a similar request to add namespace registrations. Registrations and reservations compete for portions of the namespace. A reservation may have precedence over a registration according to the order of resolution given in the order of resolution between namespace claims that involve wildcards. In this case, the reservation blocks the running application from receiving requests.

The following example uses the Netsh.exe tool:

netsh http add urlacl url=http://+:80/MyUri user=DOMAIN\user

This command adds a URL reservation for the specified URL namespace for the DOMAIN\user account. For more information on using the netsh command, type netsh http add urlacl /? in a command-prompt and press Enter.

See Also
Can I use the same SSL Cert on multiple ports, same domain?

Configuring a firewall exception

When self-hosting a WCF service that communicates over HTTP, an exception must be added to the firewall configuration to allow inbound connections using a particular URL.

Configuring SSL certificates

The Secure Sockets Layer (SSL) protocol uses certificates on the client and server to store encryption keys. The server provides its SSL certificate when a connection is made so that the client can verify the server identity. The server can also request a certificate from the client to provide mutual authentication of both sides of the connection.

Certificates are stored in a centralized store according to the IP address and port number of the connection. The special IP address 0.0.0.0 matches any IP address for the local machine. Note that the certificate store doesn't distinguish URLs based on the path. Services with the same IP address and port combination must share certificates even if the path in the URL for the services is different.

For step-by-step instructions, see How to: Configure a Port with an SSL Certificate.

Configuring the IP Listen List

The HTTP Server API only binds to an IP address and port once a user registers a URL. By default, the HTTP Server API binds to the port in the URL for all of the IP addresses of the machine. A conflict arises if an application that doesn't use the HTTP Server API has previously bound to that combination of IP address and port. The IP Listen List allows WCF services to coexist with applications that use a port for some of the IP addresses of the machine. If the IP Listen List contains any entries, the HTTP Server API only binds to those IP addresses that the list specifies. Modifying the IP Listen List requires administrative privileges.

Use the netsh tool to modify the IP Listen List, as shown in the following example:

netsh http add iplisten ipaddress=0.0.0.0:8000

Other configuration settings

When using WSDualHttpBinding, the client connection uses defaults that are compatible with namespace reservations and the Windows firewall. If you choose to customize the client base address of a dual connection, then you also must configure these HTTP settings on the client to match the new address.

The HTTP Server API has some advanced configuration settings that aren't available through HttpCfg. These settings are maintained in the registry and apply to all applications running on the systems that use the HTTP Server APIs. For information about these settings, see Http.sys registry settings for IIS. Most users don't need to change these settings.

See also

  • WSDualHttpBinding
  • How to: Configure a Port with an SSL Certificate
Configuring HTTP and HTTPS - WCF (2024)
Top Articles
How to Improve Contract Management Process - Best Practices
Airbnb (ABNB) Stock Forecast, Price Targets and Analysts Predictions - TipRanks.com
Food King El Paso Ads
Gamevault Agent
Algebra Calculator Mathway
Wmu Course Offerings
Ati Capstone Orientation Video Quiz
How to Type German letters ä, ö, ü and the ß on your Keyboard
Stolen Touches Neva Altaj Read Online Free
13 The Musical Common Sense Media
Helloid Worthington Login
Urban Dictionary Fov
Cincinnati Bearcats roll to 66-13 win over Eastern Kentucky in season-opener
Ukraine-Russia war: Latest updates
Slushy Beer Strain
Elizabethtown Mesothelioma Legal Question
Overton Funeral Home Waterloo Iowa
Eka Vore Portal
Cvb Location Code Lookup
Dtab Customs
Site : Storagealamogordo.com Easy Call
Rural King Credit Card Minimum Credit Score
/Www.usps.com/International/Passports.htm
BMW K1600GT (2017-on) Review | Speed, Specs & Prices
Mineral Wells Skyward
Meridian Owners Forum
Milwaukee Nickname Crossword Clue
Wood Chipper Rental Menards
Coindraw App
Lindy Kendra Scott Obituary
The Procurement Acronyms And Abbreviations That You Need To Know Short Forms Used In Procurement
The Bold and the Beautiful
Armor Crushing Weapon Crossword Clue
Gyeon Jahee
Texters Wish You Were Here
2016 Honda Accord Belt Diagram
To Give A Guarantee Promise Figgerits
USB C 3HDMI Dock UCN3278 (12 in 1)
Deshuesadero El Pulpo
Gary Lezak Annual Salary
Thothd Download
Brown launches digital hub to expand community, career exploration for students, alumni
Best Haircut Shop Near Me
John Wick: Kapitel 4 (2023)
Noga Funeral Home Obituaries
2294141287
Craigslist Chautauqua Ny
Read Love in Orbit - Chapter 2 - Page 974 | MangaBuddy
Provincial Freeman (Toronto and Chatham, ON: Mary Ann Shadd Cary (October 9, 1823 – June 5, 1893)), November 3, 1855, p. 1
Haunted Mansion Showtimes Near The Grand 14 - Ambassador
Latest Posts
NVD - Vulnerability Metrics
Wealth-transfer strategies | Estate tax planning| Fidelity Investments
Article information

Author: Rob Wisoky

Last Updated:

Views: 5827

Rating: 4.8 / 5 (48 voted)

Reviews: 95% of readers found this page helpful

Author information

Name: Rob Wisoky

Birthday: 1994-09-30

Address: 5789 Michel Vista, West Domenic, OR 80464-9452

Phone: +97313824072371

Job: Education Orchestrator

Hobby: Lockpicking, Crocheting, Baton twirling, Video gaming, Jogging, Whittling, Model building

Introduction: My name is Rob Wisoky, I am a smiling, helpful, encouraging, zealous, energetic, faithful, fantastic person who loves writing and wants to share my knowledge and understanding with you.