We Keep Coding

Binding validation failed because the wshttpbinding does not support reliable sessions over transport security over HTTPS

I have seriously ran into a problem and could not resolve it. I have searched a ton of forums but couldn't find anything matching to resolve my issue.
I have two components. One is a WCF service and the other is a client which is basically a hardware that fetches the information from the web service. The WCF service is hosted over IIS with https. The client was able to hit the service when the SSL certificate was not installed, but after the installation of SSL certificate the machine started giving the error I mentioned in the title of my question.
This is the web.config of my service
`
<system.serviceModel>
<!--<behaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"
multipleSiteBindingsEnabled="true" />-->
<bindings>
<wsHttpBinding>
<binding name="wshttpbinding" bypassProxyOnLocal="true" receiveTimeout="00:10:00">
<reliableSession inactivityTimeout="23:00:00" enabled="true"/>
<security mode="None">
<transport clientCredentialType="None" />
<message clientCredentialType="None" establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="Services.ServiceBehavior" name="CJDWebServices.Service">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="wshttpbinding"
contract="CJDWebServices.IService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost/TxService/" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="Services.ServiceBehavior">
<!-- To avoid disclosing metadata information,
set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="True"/>
<!-- To receive exception details in faults for debugging purposes,
set the value below to true. Set to false before deployment
to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
`
And this is the app.config of my application running on the hardware
`
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:25:00" sendTimeout="00:25:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="16384"
maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<reliableSession ordered="true" inactivityTimeout="23:59:00"
enabled="True" />
<security mode="Transport">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true"
establishSecurityContext="true" />
</security>
</binding>
<binding name="WSHttpBinding_IMachineMgmt" closeTimeout="00:02:00"
openTimeout="00:02:00" receiveTimeout="00:25:00" sendTimeout="00:25:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647"
maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<reliableSession ordered="true" inactivityTimeout="23:59:00"
enabled="true" />
<security mode="Transport">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true"
establishSecurityContext="true" />
</security>
</binding>
<binding name="WSHttpBinding_IPM" closeTimeout="00:02:00" openTimeout="00:02:00"
receiveTimeout="00:05:00" sendTimeout="00:05:00" bypassProxyOnLocal="false"
transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647"
maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="true" />
<security mode="Transport">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true"
establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://dummy1/dummy1/dummy1.svc" binding="wsHttpBinding" <!-- This is the one causing trouble --!>
bindingConfiguration="WSHttpBinding_IService" contract="IService"
name="WSHttpBinding_IService">
<identity>
<dns value="dummy1" />
</identity>
</endpoint>
<endpoint address="https://dummy2/dummy2/dummy2.asmx" binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_IMachineMgmt"
contract="MonService.IMachineMgmt" name="WSHttpBinding_IMachineMgmt">
<identity>
<dns value="dummy2" />
</identity>
</endpoint>
<endpoint address="https://dummy3/dummy3/" binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_IPM" contract="IPM" name="WSHttpBinding_IPM">
<identity>
<dns value="dummy3" />
</identity>
</endpoint>
</client>
</system.serviceModel>
<appSettings>
<empty here>
</appSettings>
</configuration>
`
The service mentioned below is my pain area
<endpoint address="https://dummy1/dummy1/dummy1.svc" binding="wsHttpBinding" <!-- This is the one causing trouble --!>
bindingConfiguration="WSHttpBinding_IService" contract="IService"
name="WSHttpBinding_IService">
<identity>
<dns value="dummy1" />
</identity>
</endpoint>
I have tried playing around with changing the security mode from none to transport and vice versa, but no luck. I even tried it on the web service configuration file but still no luck.
The service is accessible on the machine by the URL if I browse it on the browser

In response to your problem, I propose the following two solutions:
1.First of all, in the MSDN post there is an example of using wshttpbinding transport, accompanied by the corresponding code, you can learn about it.
Here is the web.config on its server side：
<system.serviceModel>
<protocolMapping>
<add scheme="https" binding="wsHttpBinding" />
</protocolMapping>
<bindings>
<wsHttpBinding>
<!-- configure wsHttp binding with Transport security mode and clientCredentialType as None -->
<binding>
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<!--For debugging purposes set the includeExceptionDetailInFaults attribute to true-->
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To expose metadata over a secure transport uncomment the serviceMetadata behavior
and the mex endpoint above
Note: you must have a valid certificate for svcutil to work -->
<!--<serviceMetadata httpsGetEnabled="True"/>-->
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
Here is the app.config on its client side：
<system.serviceModel>
<client>
<!-- this endpoint has an https: address -->
<endpoint address="https://localhost/servicemodelsamples/service.svc" binding="wsHttpBinding" bindingConfiguration="Binding1" contract="Microsoft.Samples.TransportSecurity.ICalculator"/>
</client>
<bindings>
<wsHttpBinding>
<!-- configure wsHttpbinding with Transport security mode
and clientCredentialType as None -->
<binding name="Binding1">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>
2.Finally, you can try to use custom bindings：
wcf custom bindings

Setting up config files for WCF with SSL and certificates

I'm trying to set up a WCF webservice in IIS 7 with SSL and I'm a bit lost with config files.
I want the data from the server to the client to be garbled (Is this enough with SSL?)
The client will also need to identity itself to the server through a certificate.
I have the following certificates in place:
dev.test.com - accessing the url https://dev.test.com/TestService.svc shows that there is this valid certificate in place.
TestServer - a dummy certificate that identifies the server (Do I need really need this? Or perhaps I can reuse the dev.test.com? Maybe have server.test.com?)
TestClient - a dummy certificate on the client side
And this is how my config files are set up:
Web.config (Server):
<bindings>
<wsHttpBinding>
<binding name="wsHttpEndpointBinding"
messageEncoding="Mtom">
<security mode="Message">
<transport clientCredentialType="None" />
<message clientCredentialType="Certificate" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service
name="TestService"
behaviorConfiguration="TestServiceBehavior">
<endpoint
name="TestEndPoint"
address=""
binding="wsHttpBinding"
bindingConfiguration="wsHttpEndpointBinding"
bindingNamespace="http://www.example.com/"
contract="iWebService">
<!--<identity>
<dns value=""/>
</identity>-->
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" bindingConfiguration="" name="MexHttpsBindingEndpoint" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="TestServiceBehavior">
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
<serviceCredentials>
<clientCertificate>
<authentication certificateValidationMode="PeerOrChainTrust" />
</clientCertificate>
<serviceCertificate findValue="TestServer" storeLocation="LocalMachine"
storeName="My" x509FindType="FindBySubjectName" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
App.config (Client):
<bindings>
<wsHttpBinding>
<binding name="wsHttpBinding" bypassProxyOnLocal="false"
transactionFlow="false" hostNameComparisonMode="StrongWildcard"
messageEncoding="Mtom" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<reliableSession ordered="true"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Certificate" negotiateServiceCredential="true"
algorithmSuite="Default" />
</security>
</binding>
<binding name="TestEndPoint" bypassProxyOnLocal="false"
transactionFlow="false" hostNameComparisonMode="StrongWildcard"
messageEncoding="Mtom"
textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<reliableSession ordered="true"
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Certificate" negotiateServiceCredential="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://dev.test.com/TestService.svc"
behaviorConfiguration="TestServiceBehavior"
binding="wsHttpBinding" bindingConfiguration="wsHttpBinding"
contract="IContractName" name="wsHttpBinding">
<identity>
<dns value="TestServer" />
</identity>
</endpoint>
<endpoint address="https://dev.test.com/DistributionCenterService.svc"
binding="wsHttpBinding" bindingConfiguration="TestEndPoint" contract="IContract.Name"
name="TestEndPoint" />
</client>
<behaviors>
<endpointBehaviors>
<behavior name="TestServiceBehavior">
<clientCredentials>
<clientCertificate findValue="TestClient"
storeName="My"
storeLocation="CurrentUser"
x509FindType="FindBySubjectName"/>
<serviceCertificate>
<authentication
certificateValidationMode="PeerOrChainTrust"
revocationMode="NoCheck"
trustedStoreLocation="CurrentUser"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
When I try to access the https://dev.test.com/TestService.svc, I get
Could not find a base address that matches scheme http for the endpoint with binding WSHttpBinding. Registered base address schemes are [https].
Anyway, I'm really lost with what config setting I should be using.

I believe for you to be able to use https, your security mode on the wsHttpBinding for the client needs to be either Transport or (probably in your case) TransportWithMessageCredential.

WCF service using transport clientCredentialType Basic

I'm trying to create a wcf service which does basic authentication, but i'm having some troubles.
Here's what my web.config for the service looks like:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<client />
<services>
<service name="Service.DataExchangeService" behaviorConfiguration="MyBehavior">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsDataImportEndpoint" contract="Service.IDataExchangeService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:8732/Design_Time_Addresses/DataExchange.Server.Service/Service1/" />
</baseAddresses>
</host>
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="wsDataImportEndpoint" maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="32" maxStringContentLength="2147483647"
maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Transport">
<transport clientCredentialType="Basic"/>
<message clientCredentialType="UserName" negotiateServiceCredential="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="MyBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<userNameAuthentication customUserNamePasswordValidatorType="DataExchange.Server.Service.UserNameValidator, DataExchange.Server.Service"
userNamePasswordValidationMode="Custom" />
</serviceCredentials>
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
<connectionStrings>
<add name="ApplicationServices" connectionString="data source=sharept07\mssqlserver2008;initial catalog=VOS.Membership;integrated security=True;" providerName="System.Data.SqlClient" />
<add name="ROSEntities" connectionString="metadata=res://*/ROSModel.csdl|res://*/ROSModel.ssdl|res://*/ROSModel.msl;provider=System.Data.SqlClient;provider connection string="data source=sharept07\MSSQLServer2008;initial catalog=VOS;integrated security=True;multipleactiveresultsets=True;App=EntityFramework"" providerName="System.Data.EntityClient" />
</connectionStrings>
</configuration>
and here's what my client config file looks like:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IDataExchangeService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="Basic" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" negotiateServiceCredential="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://server.com:446/DataExchangeService/DataExchangeService.svc"
binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataExchangeService"
contract="DataExchangeSvc.IDataExchangeService" name="WSHttpBinding_IDataExchangeService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
</client>
</system.serviceModel>
</configuration>
and here's how i'm calling the service within my client:
static void Main(string[] args)
{
using (var client = new DataExchangeSvc.DataExchangeServiceClient())
{
client.ClientCredentials.UserName.UserName = "test";
client.ClientCredentials.UserName.Password = "test";
var data = client.RetrieveData();
}
}
When i set the the transport mode to "None" within security node in the Service config file the above works perfectly if i omit the credential lines, but the moment i change it to Basic i keep getting this error:
There was no endpoint listening at https://server.com:446/DataExchangeService/DataExchangeService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.
I don't really know what's going on so if anyone can guide me in any way that would be extremely helpful.
Thanks

I think what you really want here is to use TransportWithMessageCredential instead of just Transport. Just using <security mode="Transport"> will get your service going over HTTPS but has nothing to do with using credentials for authentication. If you use <security mode="TransportWithMessageCredential"> you can use HTTPS and have username and password. Here is an MSDN article about this.
EDIT
If you really do just want to use Transport, take out the <message> node from your service config.

Problem calling WCF service internet

I am developing a WCF service that will be called by customer in internet. The service is hosted in IIS7 and accept only http. For clients call us from https we do is have a reverse proxy that forwards the request to the application https to http. The customer give a https url to connect and does so smoothly, adding the reference to the service properly. The problem comes when trying to create a client and add in your endpoint https and execute it, as it reads:
System.ArgumentException: The provided URI scheme 'https' is invalid,
expected 'http'. Parameter name: via.
I leave part of the service's web.config:
<bindings>
<wsHttpBinding>
<binding name="ConfigEP">
<security mode="Message">
<message clientCredentialType="Certificate" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true">
<baseAddressPrefixFilters>
<add prefix="http://serverInterno/App/"/>
</baseAddressPrefixFilters>
</serviceHostingEnvironment>
<services>
<service behaviorConfiguration="App.AppM_NameBehavior" name="App.AppM_Name">
<endpoint address="" behaviorConfiguration="App.AppM_NameEPBehavior" binding="wsHttpBinding" bindingConfiguration="ConfigEP" name="App.AppM_NameEP" bindingNamespace="http://siteName/AppM_Name" contract="App.IAppM_Name" />
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="App.AppM_NameEPBehavior">
<wsdlExtensions location="https://urlsegura/App/Appm_Name.svc" singleFile="true" />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="App.AppM_NameBehavior">
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
<serviceCredentials>
<clientCertificate>
<authentication customCertificateValidatorType="App.Validador, App" certificateValidationMode="Custom" />
</clientCertificate>
<serviceCertificate findValue="XX XX XX XX XX XX XX XX XX XX" x509FindType="FindBySerialNumber" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<extensions>
<behaviorExtensions>
<add name="wsdlExtensions" type="WCFExtras.Wsdl.WsdlExtensionsConfig, WCFExtras, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
</behaviorExtensions>
</extensions>
and here the client's app.config:
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="NewBehavior">
<clientCredentials>
<clientCertificate findValue="XX XX XX XX XX XX XX XX XX XX" x509FindType="FindBySerialNumber" />
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="App.AppM_NameEP" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />
<security mode="Message">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="Certificate" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://urlsegura/App/Appm_Name.svc" binding="wsHttpBinding" bindingConfiguration="App.AppM_NameEP" contract="App.IAppM_Name" name="App.AppM_NameEP">
<identity>
<certificate encodedValue="XXXX" />
</identity>
</endpoint>
</client>
</system.serviceModel>
Thanks in advance.
Best regards.

I think your error is being caused because you're using message based security on your configuration. Try changing it to Transport instead (in both the client and service configuration files), so that it uses SSL for security rather than encrypting the message.
You can use TransportWithMessageCredential if you absolutely must have the message encrypted also. Hope that helps.

I don't understand the reverse proxy you describe but it seems you're trying to support access from both HTTP & HTTPS. To do this, you will need to add a second endpoint. You'd configure the service something like this:
<wsHttpBinding>
<binding name="ConfigEP">
<security mode="Message">
<message clientCredentialType="Certificate" />
</security>
</binding>
<binding name="ConfigEPHttps">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="Certificate" />
</security>
</binding>
</wsHttpBinding>
and this add the new endpoint:
<service behaviorConfiguration="App.AppM_NameBehavior" name="App.AppM_Name">
<endpoint address="" behaviorConfiguration="App.AppM_NameEPBehavior"
binding="wsHttpBinding"
bindingConfiguration="ConfigEP"
name="App.AppM_NameEP"
bindingNamespace="http://siteName/AppM_Name"
contract="App.IAppM_Name" />
<endpoint address="secure" behaviorConfiguration="App.AppM_NameEPBehavior"
binding="wsHttpBinding"
bindingConfiguration="ConfigEPHttps"
name="App.AppM_NameEPHttps"
bindingNamespace="http://siteName/AppM_Name"
contract="App.IAppM_Name" />
</service>
You also need make this change to get the WSDL over HTTPS:
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />

WCF call throws: "The provided URI scheme 'http' is invalid; expected 'net.tcp'." exception

I have a WCF service hosted in IIS7.
This is the app.config for my service hosted in IIS
<system.serviceModel>
<bindings />
<services>
<service behaviorConfiguration="querierSearch.Querier.WCF.QuerierBehavior"
name="querierSearch.Querier.WCF.Querier">
<endpoint
address="net.tcp://localhost:808/querierSearch.Querier.WCF/Querier.svc"
binding="netTcpBinding" bindingConfiguration="" name="EndPointTCP"
contract="querierSearch.Querier.WCF.IQuerier" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="querierSearch.Querier.WCF.QuerierBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
And below is the app.config in the client that references the WCF Service.
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding name="EndPointTCP" closeTimeout="00:01:00"
openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00"
transactionFlow="false" transferMode="Buffered"
transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard" listenBacklog="10"
maxBufferPoolSize="524288"
maxBufferSize="65536" maxConnections="10"
maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
axArrayLength="16384" maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="Windows"
protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows" />
</security>
</binding>
</netTcpBinding>
</bindings>
<client>
<endpoint address="net.tcp://localhost/Search.Querier.WCF/Querier.svc"
binding="netTcpBinding" bindingConfiguration="EndPointTCP"
contract="SearchQueryService.IQuerier"
name="EndPointTCP">
<identity>
<userPrincipalName value="joeuser#company.com" />
</identity>
</endpoint>
</client>
</system.serviceModel>
</configuration>
For some reason I still get "The provided URI scheme 'http' is invalid; expected 'net.tcp'." exception .
I cannot figure out why.....

Actually it turns out i was missing the mex endpoint...
woops

Possibly this
<serviceMetadata httpGetEnabled="true" />
You're asking it to enable HTTP on a TCP service, which seems like it might cause some problems.

My issue is that the behaviorConfiguration in the web.config is deleted after I refresh the the Service References.
(My behaviorConfiguration uses a clientVia address rather than a standard endpoint address to allow it to traverse the firewall).