We Keep Coding

413 Request Entity Too Large in wcf service when uploading large image file

i have created wcf Service in which i am receiving Base64 string and converting base64 string to image to store in my project.
but when i am calling my wcf service method from rest client like this i am getting error like this:
413 Request Entity Too Large
and sometimes nothing happens when i am calling my wcf method from rest client.
above is how i am calling my wcf service method.
above base 64 string is an image of size 177Kb.
but when i am passing small base64 string of image with size 2 kb or 3 kb then my wcf service method is calling.
this is my web.config file:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
<section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
</configSections>
<connectionStrings>
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true" />
</system.webServer>
<entityFramework>
<defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" />
<providers>
<provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" />
</providers>
</entityFramework>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-1.5.2.14234" newVersion="1.5.2.14234" />
</dependentAssembly>
</assemblyBinding>
</runtime>
</configuration>
i have search alot on internet and added this:
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IService" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" maxBufferSize="2147483647">
<readerQuotas maxDepth="200" maxStringContentLength="8388608" maxArrayLength="16384" maxBytesPerRead="2147483647" maxNameTableCharCount="16384" />
</binding>
</basicHttpBinding>
</bindings>
but error is still not resloved.
can anybody please help me???

While you have defined a basicHttpBinding with larger than default values, you have not told the WCF service to actually use that binding. When no service endpoints are defined, the default out of the box binding is basicHttpBinding with the default values.
You can either set your defined binding as the default binding configuration for any services using basicHttpBinding that use that config file by omitting the name attribute in the binding definition, like this:
<bindings>
<basicHttpBinding>
<binding maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647"
maxBufferSize="2147483647">
<readerQuotas maxDepth="200"
maxStringContentLength="8388608"
maxArrayLength="16384"
maxBytesPerRead="2147483647"
maxNameTableCharCount="16384" />
</binding>
</basicHttpBinding>
</bindings>
OR you can assign the defined binding to an explicit endpoint, which would look something like this:
<services>
<service name="MyService">
<endpoint address="" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IService"
contract="MyNamespace.IServiceContract" />
</endpoint>
</service>
A third place to check is the IIS maximum request length:
<configuration>
<system.web>
<httpRuntime maxRequestLength="2147483647" />
</system.web>
</configuration>
If you're uploading very large files you may also want to look at chunking or streaming.
Whole <system.serviceModel>
Option 1: With default binding defined (omitting name attribute from binding configuration)
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647"
maxBufferSize="2147483647">
<readerQuotas maxDepth="200"
maxStringContentLength="8388608"
maxArrayLength="16384"
maxBytesPerRead="2147483647"
maxNameTableCharCount="16384" />
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"
multipleSiteBindingsEnabled="true" />
</system.serviceModel>
Option 2: With explicit endpoint using specified binding configuration via endpoint's bindingConfiguration attribute:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IService"
maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647"
maxBufferSize="2147483647">
<readerQuotas maxDepth="200"
maxStringContentLength="8388608"
maxArrayLength="16384"
maxBytesPerRead="2147483647"
maxNameTableCharCount="16384" />
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="MyService">
<endpoint address="" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IService"
contract="MyNamespace.IServiceContract" />
</endpoint>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"
multipleSiteBindingsEnabled="true" />
</system.serviceModel>
Either one of these options should resolve the issue. If they don't, try the third option I gave in my original answer.

Configuring WCF for wsHttpBinding

I have a WCF service that works using basicHttpBinding, I'm trying to configure it to go over https and authenticate with a SQL membership provider, and to do this I'm trying to convert it to use wsHttpBinding.
However, with the updated config I get the following error when I try to connect with the client:
Could not find default endpoint element that references contract 'KFileService.IKFileWcfService' in the ServiceModel client configuration section. This might be because no configuration file was found for your application, or because no endpoint element matching this contract could be found in the client element.
Here's the relevant portion of the web.config for the server:
<system.serviceModel>
<protocolMapping>
<remove scheme="http" />
<add scheme="https" binding="wsHttpBinding" bindingConfiguration="wsHttpBinding_IKFileWcfServiceBinding" />
</protocolMapping>
<behaviors>
<serviceBehaviors>
<behavior name="KFileWcfServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="2147483646" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
membershipProviderName="SqlMembershipProvider" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="KFileWcfServiceBehavior" name="KFileWcfService">
<endpoint address="https://localhost:36492/KFileWcfService.svc"
binding="wsHttpBinding" bindingConfiguration="wsHttpBinding_IKFileWcfServiceBinding"
name="wsHttpBinding_IKFileWcfService" bindingName="wsHttpBinding_IKFileWcfServiceBinding"
contract="KFileWcfService.IKFileWcfService">
<identity>
<certificateReference storeLocation="CurrentUser" />
</identity>
</endpoint>
</service>
</services>
<serviceHostingEnvironment minFreeMemoryPercentageToActivateService="0" multipleSiteBindingsEnabled="true"/>
<bindings>
<wsHttpBinding>
<binding name="wsHttpBinding_IKFileWcfServiceBinding" maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="32" maxStringContentLength="100000" maxArrayLength="2147483647"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Message">
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>
And here's the client side:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsHttpBinding_IKFileWcfService" />
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://localhost:36492/KFileWcfService.svc"
binding="wsHttpBinding" bindingConfiguration="wsHttpBinding_IKFileWcfService"
contract="KFileWcfService.IKFileWcfService" name="wsHttpBinding_IKFileWcfService" />
</client>
</system.serviceModel>
I've done my best to go through all the existing questions and examples already, but haven't had any luck. Can anyone tell me what I'm doing wrong?
Edit:
For further reference, here's the server side configuration that works with basicHttpBinding:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the value below to false before deployment -->
<serviceMetadata httpGetEnabled="true" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="2147483646" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="KFileWcfService">
<endpoint address="https://localhost:36492/KFileWcfService.svc" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IKFileWcfService" contract="KFileService.IKFileWcfService" name="BasicHttpBinding_IKFileWcfService" />
</service>
</services>
<serviceHostingEnvironment minFreeMemoryPercentageToActivateService="0" multipleSiteBindingsEnabled="true"/>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IKFileWcfService" maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" transferMode="Streamed">
<readerQuotas maxDepth="32" maxStringContentLength="100000" maxArrayLength="2147483647" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
And client:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IKFileWcfService" />
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://localhost:36492/KFileWcfService.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IKFileWcfService"
contract="KFileService.IKFileWcfService" name="BasicHttpBinding_IKFileWcfService" />
</client>
</system.serviceModel>

The type of the service contract on the client which you're trying to use, based on your error messsage:
KFileService.IKFileWcfService
The type of the service contract interface which you have on your client config:
KFileWcfService.IKFileWcfService
They should be the same. Change the client config to
... contract="KFileService.IKFileWcfService" ...
And it should work.

Implementing WIF ActAs Scenario: The identity check failed for the outgoing message

So I'm trying to consume a WCF service from a website and pass the IClaimsIdentity the site got from an STS through to the service.
When I try to invoke a service method through an ActAs channel, I get the following error on the client (looking at trace logs, it never gets to the service, and the STS sends through all tokens correctly):
The identity check failed for the outgoing message. The expected
identity is
'identity(http://schemas.xmlsoap.org/ws/2005/05/identity/right/possessproperty:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint)' for
the 'http://localhost/MyWCFHost/MyService.svc' target endpoint.
I've got a custom IssuedTokenForCertificate binding and all the certificates are OK as far as I can see, it should work, but no dice. I'd appreciate another pair of eyes looking over my config and helping:
Consuming Web Site config:
<system.serviceModel>
<bindings>
<customBinding>
<binding name="CustomBinding_IMyService">
<security defaultAlgorithmSuite="Default" authenticationMode="IssuedTokenForCertificate"
requireDerivedKeys="true" includeTimestamp="true" messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10"
requireSignatureConfirmation="true">
<issuedTokenParameters tokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1">
<additionalRequestParameters>
<trust:SecondaryParameters xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
<trust:TokenType xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</trust:TokenType>
<trust:KeyType xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey</trust:KeyType>
</trust:SecondaryParameters>
</additionalRequestParameters>
<issuer address="http://localhost/MyCompany.SecurityTokenService/ActAsIssuer.svc"
binding="ws2007HttpBinding" bindingConfiguration="http://localhost/MyCompany.SecurityTokenService/ActAsIssuer.svc">
</issuer>
<issuerMetadata address="http://localhost/MyCompany.SecurityTokenService/ActAsIssuer.svc/mex" />
</issuedTokenParameters>
<localClientSettings detectReplays="true" />
<localServiceSettings detectReplays="true" />
</security>
<textMessageEncoding />
<httpTransport />
</binding>
</customBinding>
<ws2007HttpBinding>
<binding name="http://localhost/MyCompany.SecurityTokenService/ActAsIssuer.svc">
<security>
<message establishSecurityContext="false" />
</security>
</binding>
</ws2007HttpBinding>
</bindings>
<client>
<endpoint address="http://localhost/MyWCFHost/MyService.svc" binding="customBinding"
bindingConfiguration="CustomBinding_IMyService" contract="MyService.IMyService"
name="CustomBinding_IMyService">
<identity>
<!--<certificate encodedValue="AwAAAAEAAAAUAAAAV2ILlfzl9NIHEiGv1rUCSitq8I0gAAAAAQAAAP8BAAAwggH7MIIBaKADAgECAhBTTBmG1HyUkEDVFmVUxfDLMAkGBSsOAwIdBQAwFTETMBEGA1UEAxMKRXRhbmEgUm9vdDAeFw0xMjA5MjExMjE2MDRaFw0zOTEyMzEyMzU5NTlaMB8xHTAbBgNVBAMTFEV0YW5hIFNUUyBFbmNyeXB0aW9uMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0lbzr1b1aNiXGhwKMTO58QbLbbKoUtTRkA4egMlmip1Vm46BnscWAMvXA5kyzuqK6Cw/5bel15i0pZXR4kjByKbSr65V0/ODGrkUHaYb5vT8RzCczYcgzJmPGWawMYYJT8PXLXHkFmZZGXFZhiUBzyNMWh8YH16I/wFtUgmaBAQIDAQABo0owSDBGBgNVHQEEPzA9gBAV68U+Vhoc0Nu9qPJXfJSRoRcwFTETMBEGA1UEAxMKRXRhbmEgUm9vdIIQgnOTDbZVCaJFTK8PPAGynTAJBgUrDgMCHQUAA4GBACHLr32oqkFjKGN/fqk2VnsNNIs9niHQ4Q6UbJ252YWf4wFIz9Ho/+ZdFxC4tSHxa/IMH0kzYpRL5p61Zd8/QeryWCStqvoNPwyapaY3g0Pkm6dy6NJ82kX5eJxLjdJp8MVadPJs4VA7Smf+e9lMMoONAGP07AvzAVhtiYK2yMmH" />-->
<certificateReference findValue="57620B95FCE5F4D2071221AFD6B5024A2B6AF08D" storeLocation="LocalMachine" storeName="My" x509FindType="FindByThumbprint" />
</identity>
</endpoint>
</client>
</system.serviceModel>
WCF Service config:
<system.serviceModel>
<diagnostics>
<messageLogging logMalformedMessages="true" logMessagesAtTransportLevel="true" />
</diagnostics>
<services>
<service name="RPWCFApp.MyService" behaviorConfiguration="MyServiceBehaviour">
<endpoint address="" binding="customBinding" bindingConfiguration="CustomBindingConfiguration_IssuedTokenOverTransport" contract="RPWCFApp.IMyService" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="MyServiceBehaviour">
<federatedServiceHostConfiguration />
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceCredentials>
<serviceCertificate findValue="81A5DB3796F48B00FAC37CE67D7D8CA43078B996" storeLocation="LocalMachine" storeName="My" x509FindType="FindByThumbprint" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
<extensions>
<behaviorExtensions>
<add name="federatedServiceHostConfiguration" type="Microsoft.IdentityModel.Configuration.ConfigureServiceHostBehaviorExtensionElement, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</behaviorExtensions>
</extensions>
<bindings>
<customBinding>
<binding name="CustomBindingConfiguration_IssuedTokenOverTransport">
<security authenticationMode="IssuedTokenForCertificate" messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10">
<issuedTokenParameters keyType="SymmetricKey" tokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1">
<issuer address="http://localhost/MyCompany.SecurityTokenService/ActAsIssuer.svc" binding="ws2007HttpBinding" bindingConfiguration="IssuedTokenBinding" />
<issuerMetadata address="http://localhost/MyCompany.SecurityTokenService/ActAsIssuer.svc/mex" />
</issuedTokenParameters>
</security>
<textMessageEncoding />
<httpTransport />
</binding>
</customBinding>
<ws2007HttpBinding>
<binding name="IssuedTokenBinding">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="Windows" establishSecurityContext="false" />
</security>
</binding>
</ws2007HttpBinding>
</bindings>
</system.serviceModel>

Sorted out my problem by changing the binding in the service config to ws2007FederationHttpBinding instead of CustomBinding and update my client service reference.
<bindings>
<ws2007FederationHttpBinding>
<binding name="serviceBinding" receiveTimeout="05:00:00" sendTimeout="05:00:00">
<security mode="Message">
<message>
<issuerMetadata address="http://localhost/MyCompany.SecurityTokenService/ActAsIssuer.svc/mex"/>
</message>
</security>
</binding>
</ws2007FederationHttpBinding>
</bindings>
Then because I'm using self-signed certificates, I had to change the certificateValidationMode using the following endpoint behaviour in the client config:
<behaviors>
<endpointBehaviors>
<behavior name="MyServiceBehavior" >
<clientCredentials>
<serviceCertificate>
<authentication certificateValidationMode="PeerOrChainTrust"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
And finally I just had to ensure my certificate was in the Trusted People store and finally I get the correct IClaimsIdentity when invoking the service :)
Hope this helps someone out there, because it drove me nuts for a while...

Https binding in WCF throws error

I have a WCF service that needs to hosted using basicHttpBinding using SSL.
So my team has installed a SSL certificate with Anonymous authentication enabled and a hardcoded username and password given in IIS.
I tried giving this binding
<binding name="SecurityByTransport">
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
</binding>
But it still doesnt work. I get this error "Could not find a base address that matches scheme http for the endpoint with binding BasicHttpBinding. Registered base address schemes are [https]. "
ServiceModel section:
<system.serviceModel>
<diagnostics>
<messageLogging logEntireMessage="true" logMalformedMessages="true" logMessagesAtTransportLevel="true" />
</diagnostics>
<bindings>
<customBinding>
<binding name="netTcp">
<binaryMessageEncoding>
<readerQuotas maxArrayLength="2147483647" maxStringContentLength="2147483647" maxDepth="64" />
</binaryMessageEncoding>
<security authenticationMode="UserNameOverTransport" />
<windowsStreamSecurity />
<tcpTransport portSharingEnabled="true" maxBufferPoolSize="52428800" maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" />
</binding>
</customBinding>
<basicHttpBinding>
<binding name="Https">
<security mode="Transport">
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name ="Https">
<serviceMetadata httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="Asi.Soa.ServiceModelEx.NullUserNamePasswordValidator, Asi.Soa.ServiceModelEx" />
<clientCertificate>
<authentication certificateValidationMode="None" />
</clientCertificate>
</serviceCredentials>
<serviceAuthorization principalPermissionMode="Custom">
<authorizationPolicies>
<add policyType="Asi.Soa.ServiceModelEx.ClaimsAuthorizationPolicy, Asi.Soa.ServiceModelEx" />
</authorizationPolicies>
</serviceAuthorization>
<exceptionShielding/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="SoapBehavior">
</behavior>
<behavior name="RestBehavior">
</behavior>
<behavior name="AjaxBehavior">
<enableWebScript />
</behavior>
</endpointBehaviors>
</behaviors>
<services>
<service name="Asi.Soa.Core.Services.EntityService" >
<endpoint address="https://10.42.150.122/imis15/EntityService.svc" binding="basicHttpBinding" contract="Asi.Soa.Core.ServiceContracts.IEntityService"
bindingConfiguration="Https" />
</service>
</services>
Any help would be appreciated.
Thanks

Try to add to service behavior setting
<serviceMetadata httpsGetEnabled="true"/>
Also you should check that endpoind has a setting
bindingConfiguration="SecurityByTransport"

If you are hosting your service in IIS, please try to remove the http binding from the site bindings.
HTH

Since you are using the web service on IIS, use HTTPS binding for it considering that you are using SSL certificate.

WCF routing + SSL

I need to create a "routing" service.
I'm trying to used the System.ServiceModel.Routing.IRequestReplyRouter of .Net
I can make it work only in HTTP mode, not in HTTPS.
The error is "Cannot establish secure SSL/TLS connection"... I also tried a custom certificate validator but it is not called! (it is created, but the validate method is not called)
I post my configuration here:
<?xml version="1.0"?>
<bindings>
<customBinding>
<!-- Security Off version-->
<binding name="customBindingNotSecure">
<textMessageEncoding messageVersion="Soap12WSAddressing10"/>
<httpTransport />
</binding>
<!-- Security On -->
<binding name="customBindingSecure">
<textMessageEncoding messageVersion="Soap12WSAddressing10">
</textMessageEncoding>
<security authenticationMode="UserNameOverTransport" />
<httpsTransport />
</binding>
<binding name="platoneBinding">
<textMessageEncoding messageVersion="Soap12WSAddressing10" />
<httpsTransport maxReceivedMessageSize="1000000" maxBufferPoolSize="1000000" maxBufferSize="1000000" />
</binding>
</customBinding>
</bindings>
<services>
<service behaviorConfiguration="routingService" name="System.ServiceModel.Routing.RoutingService">
<endpoint address=""
binding="customBinding"
name="reqReplyEndpoint"
contract="System.ServiceModel.Routing.IRequestReplyRouter" bindingConfiguration="customBindingSecure"/>
<endpoint address=""
binding="customBinding"
name="reqReplyEndpointHttp"
contract="System.ServiceModel.Routing.IRequestReplyRouter"
bindingConfiguration="customBindingNotSecure"/>
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="CustomClientBehavior">
<clientCredentials>
<serviceCertificate>
<defaultCertificate findValue="serverx509v1" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName"/>
<authentication customCertificateValidatorType="com.abodata.plat1.WCFProxy.PlatoneCertificateValidator, PlatoneWSRelay"
certificateValidationMode="Custom" revocationMode="NoCheck" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="routingService">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<routing routeOnHeadersOnly="true" filterTableName="routingTable1" />
<serviceCredentials>
<clientCertificate>
<authentication customCertificateValidatorType="com.abodata.plat1.WCFProxy.PlatoneCertificateValidator, PlatoneWSRelay"
certificateValidationMode="Custom" revocationMode="NoCheck" />
</clientCertificate>
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="com.abodata.plat1.WCFProxy.UsernameValidator, PlatoneWSRelay" />
</serviceCredentials>
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<routing>
<filters>
<filter name="MatchAllFilter1" filterType="MatchAll" />
</filters>
<filterTables>
<filterTable name="routingTable1">
<add filterName="MatchAllFilter1" endpointName="PlatoneWSService" />
</filterTable>
</filterTables>
</routing>
<client>
<endpoint address="https://10.0.2.243:9006/Persistence"
binding="customBinding" bindingConfiguration="platoneBinding"
contract="*" name="PlatoneWSService">
<identity>
<dns value="serverx509v1" />
</identity>
</endpoint>
</client>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
EDIT: I managed to establish the TLS connection by adding to my configuration
<system.net>
<settings>
<servicePointManager checkCertificateName="false" checkCertificateRevocationList="false"/>
</settings>
</system.net>
But... now I have problems with the security header of my soap envelop. The client sends the message correctly to my router, but it removes the security header, so I get an exception...

Ok... I solved also the second problem.
My router binding must not specify the security tag, otherwise it process the envelop.
This is my working configuration
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<bindings>
<!-- Must use custom binding: silverlight only support basicHttpBinding that is not
SOAP 1.2. So.. I create a custom binding-->
<customBinding>
<!-- Security Off version-->
<binding name="customBindingNotSecure">
<textMessageEncoding messageVersion="Soap12WSAddressing10"/>
<httpTransport />
</binding>
<!-- Security On -->
<binding name="customBindingSecure">
<textMessageEncoding messageVersion="Soap12WSAddressing10">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
</textMessageEncoding>
<httpsTransport maxBufferPoolSize="2000000" maxBufferSize="2000000" maxReceivedMessageSize="2000000" />
</binding>
<binding name="platoneBinding">
<textMessageEncoding messageVersion="Soap12WSAddressing10" />
<httpsTransport maxReceivedMessageSize="1000000000" maxBufferPoolSize="1000000000" maxBufferSize="1000000000" />
</binding>
</customBinding>
</bindings>
<services>
<service behaviorConfiguration="routingService" name="System.ServiceModel.Routing.RoutingService">
<endpoint address=""
binding="customBinding"
name="reqReplyEndpoint"
contract="System.ServiceModel.Routing.IRequestReplyRouter" bindingConfiguration="customBindingSecure"/>
<endpoint address=""
binding="customBinding"
name="reqReplyEndpointHttp"
contract="System.ServiceModel.Routing.IRequestReplyRouter"
bindingConfiguration="customBindingNotSecure"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="routingService">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<routing routeOnHeadersOnly="true" filterTableName="routingTable1" />
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<routing>
<filters>
<filter name="MatchAllFilter1" filterType="MatchAll" />
</filters>
<filterTables>
<filterTable name="routingTable1">
<add filterName="MatchAllFilter1" endpointName="PlatoneWSService" />
</filterTable>
</filterTables>
</routing>
<client>
<!-- https://10.0.2.243:9006/Persistence -->
<endpoint address="https://10.0.2.243:9006/Persistence"
binding="customBinding" bindingConfiguration="platoneBinding"
contract="*" name="PlatoneWSService">
</endpoint>
</client>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
<system.net>
<settings>
<servicePointManager checkCertificateName="false" checkCertificateRevocationList="false"/>
</settings>
</system.net>
</configuration>
Dimensions for the buffer and message have to be "tested" (that is.. I chose a big number to make it works...)