In fact, this title has little to do with WCF itself, because rest WCF services are generally hosted on IIS, while SSL is a matter of transport layer. To put it bluntly, it is a matter of IIS.
First, create a simple rest WCF Service: (use the WCF rest Service Application Template)
[Servicecontract] <br/> [aspnetcompatibilityrequirements (requirementsmode = aspnetcompatibilityrequirementsmode. allowed)] <br/> [servicebehavior (instancecontextmode = instancecontextmode. percall)] <br/> public class service1 <br/> {<br/> [webget (uritemplate = "gethello")] <br/> Public String gethello () <br/>{< br/> return "Hello client by get"; <br/>}</P> <p> [webinvoke (uritemplate = "posthello ", method = "Post")] <br/> Public String posthello () <br/> {<br/> return "Hello client by post "; <br/>}< br/>}
The service is very simple, so that the client can access it under SSL through httprequst.
IIS6 configuration: Select "Directory Security"> "server certificate..."> next> assign an existing certificate under the root directory of the website.
Select a certificate you have prepared. If you do not need to generate a certificate, search for it on the Internet.
Iis7 Configuration:
1. You can directly create a new certificate in iis7:
Generate a self-signed certificate for testing.
Next, you need to set HTTPS binding and certificate for IIS
After setting, all applications under the default web site can access HTTP or HTTPS in two ways.
If you need to set up to only access through https, you also need to set SSL settings on the specified application so that the application requires SSL:
Now you can directly access this WCF Service through IE and see the following results:
The server certificate generated is self-signed (without 3rd-party authentication), so it is intercepted by the browser. If you want to continue the access, click "continue access" to view the result.
OK. Now let's see how the client calls:
Static void main (string [] ARGs) <br/>{< br/> var url = "https: // earthqa-PC/service1/gethello "; <br/> try <br/> {<br/> servicepointmanager. servercertificatevalidationcallback + = <br/> New remotecertificatevalidationcallback (allowcert); <br/> WebClient WC = new WebClient (); <br/> var STR = WC. downloadstring (URL); <br/> console. writeline (STR); <br/>}< br/> catch (exception ex) <br/>{< br/> console. writeline ("error: {0}", Ex. message); <br/>}< br/> console. readline (); <br/>}</P> <p> Private Static bool allowcert (Object sender, x509certificate cert, x509chain chain, sslpolicyerrors error) <br/>{< br/> var request = sender as httpwebrequest; <br/> console. writeline (request. address. host); <br/> // console. writeline (cert. subject); <br/> return true; <br/>}
Because there is no client certificate, the client only needs to acknowledge the server certificate: In the servicepointmanager. servercertificatevalidationcallback event, return true.