Saturday, 9 October 2010

Viewing SOAP message contents

I struggle to visualise the contents of a SOAP message by looking at WSDL. This is compounded by the somewhat indirect way changing settings in WCF service configuration (either in configuration files or code attributes) affects the WSDL and ultimately the SOAP message. It is much easier to actually have a peek at the contents of the SOAP message.
The solution to my problem was provided by Kory Becker in his article Displaying SOAP XML Messages in a Simple WCF Web Service.
For convenience I’ve created a little Visual Studio project (C#) with the code already implemented here. Note that to see the output in Visual Studio for services hosted in IIS the trick is to debug the service by attaching the debugger to the ASP.Net worker process.
Saturday, 9 October 2010

Convert a service to view metadata over HTTPS

I wanted to host a WCF service in IIS over HTTPS (i.e. using SSL). I already had a service host setup in IIS with a mex endpoint configured for HTTP. So, I configured the host site to use SSL but when I browsed to the service in a web browser I got the following error:

“Could not find a base address that matches scheme http for the endpoint binding MetadataExchangeHttpBinding…”

To change the service to use HTTPS I hade to make a couple of changes.

  1. Set the metadata exchange endpoint to use the mexHttpsBinding (not the mexHttpBinding).
  2. Modify the service behaviour to enable getting metadata over HTTPS (httpsGetEnabled).
  3. Changed the service base address to use HTTPS.
    <service behaviorConfiguration="ServiceBehavior" name="Service.Service">
      <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
<add baseAddress="" />
</service> </services> <bindings> ... </bindings> <behaviors> <serviceBehaviors> <behavior name="ServiceBehavior"> <serviceMetadata httpsGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="false" /> ... </behavior> </serviceBehaviors> </behaviors> </system.serviceModel>

NB: Don't forget that existing clients will have to update their service references.

Saturday, 2 October 2010

Keyset does not exist

I was trying to run a WCF service with additional security and generated the following “Keyset does not exist” error:


Reading the stack trace I got the following additional information:

[ArgumentException: It is likely that certificate 'CN=RPKey' may not have a
private key that is capable of key exchange or the process may not have access
rights for the private key. Please see inner exception for detail.]

This turned out be file security settings on the key file. To fix the problem you may need to grant file permissions to the appropriate key file (in this case the RPKey file). To find the location of the key file I ran the FindPrivateKey utility which shipped with the WF and WCF Samples obtained from MSDN. Build the FindPrivateKey sample an run it in a command window:

C:\...path here...\FindPrivateKey\CS\bin>findprivatekey My LocalMachine -n "CN=RPKey" –a 

This gave the location of the key file and I was able to grant permissions to the ASPNET user. You may need to grant permissions to the network service user.

Normal service restored.

Missing security tab on folder properties (Windows XP)

I was on a Windows XP machine and needed to access file security settings for a certificate file but the Security tab was missing.


To make the tab available I did the following:

  1. Launch Windows Explorer or My Computer.
  2. Click on the Tools > Folder Options.
  3. Click on View tab.
  4. In Advanced Settings uncheck the “Use simple file sharing (Recommended)” check box.
  5. Click OK.


Note: If that doesn’t work try clicking on “Apply to ALL Folders”. The result should be a restored Security tab.