We publish the asp.net API at:
http://API.domain.com/v3/service.svc https://API.domain.com/v3/service.svc
Last week, there was a problem with a corrupt SSL certificate, which meant that the connection to HTTPS ref failed with the problem of connecting an Internet explorer. The HTTP ref was ok, it was confirmed that the SSL issue was a problem.
The client who was supposed to use HTTPS never noticed, the logs confirmed that they were actually using HTTP for authentication and data.
When testing with WCF STORM (the test application that I used to test method calls), I could recreate the problem: ie HTTP ok and HTTPS failed. Installing a backup immediately resolved the problem, everything returned to normal.
So, I started looking at HTTP redirects to HTTPS. Launched it using http://www.iis-aid.com/articles/how_to_guides/redirect_http_to_https_iis_7 (i.e. Change to web.config).
When looking at the HTTP and HTTPS API URLs, everything worked as expected.
When using WCF STORM, I get a message:
System.InvalidOperationException: The document at the url http://API.domain.com/v3/service.svc was not recognized as a known document type. The error message from each known type may help you fix the problem: - Report from 'DISCO Document' is 'Discovery document at the URL http://API.domain.com/v3/service.svc?disco&disco could not be found.'. - The document format is not recognized. - Report from 'http://API.domain.com/v3/service.svc' is 'The document format is not recognized (the content type is 'text/html; charset=UTF-8').'. - Report from 'WSDL Document' is 'The document format is not recognized (the content type is 'text/html; charset=UTF-8').'. - Report from 'XML Schema' is 'The document format is not recognized (the content type is 'text/html; charset=UTF-8').'. at System.Web.Services.Discovery.DiscoveryClientProtocol.DiscoverAny(String url) at WcfStorm.DynamicProxy.ServiceClientProxyFactory.(Option`1 ) at WcfStorm.DynamicProxy.ServiceClientProxyFactory.DiscoverEndpoint(Option`1 cfgOption) at WcfStorm.Model.WcfServiceModel.(ServiceClientProxyFactory ) at WcfStorm.Lib.Common.BgWorker`2.OnDoWork(DoWorkEventArgs e) Client proxy code is empty!
I remember one of the developers told me that AUTHENTICATION uses SSL, but SOAP messages are sent over HTTP. Therefore, I suspect that redirecting HTTP to HTTPS caused this problem, as it forced SOAP messages to use HTTPS, and the API was not configured for this .... I assume? The developer explained that he recommended that APIs that use HTTP to transmit SOAP data after authentication using SSL to verify credentials.
Questions:
How to get SOAP data to be transmitted over HTTPS if this is considered a solution?
If this is not possible, how did I deploy the HTTPS HTTP redirect in the environment above?
Any other way to force HTTPS to end users / disable HTTP and / or redirect to HTTPS?
Thanks for any help.