We Keep Coding

WCF TCP self-host works from within console app but not Windows service

Windows 11 VS2019 vb.net. The WCF service listens on the specified port when hosted in a console app but fails to listen when hosted from within a Windows service. Verified by executing "netstat -aon". I assume the problem is with my deployment of the windows service since everything works great when hosted in the console app. A client can connect, etc. All of this is being performed on the same computer so no firewall issues. But I did turn off the firewall to test. I also tried the service installation on a different computer with the same results. Since this my first post, I'll try to include some code to demonstrate my config.
<system.serviceModel>
<services>
<service behaviorConfiguration="WcfHomeCamInterface.Service1Behavior"
name="WcfHomeCamInterface.wcfHomeCamService">
<endpoint address="" binding="netTcpBinding" contract="WcfHomeCamInterface.IHomeCamService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexTcpBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost:9000" />
</baseAddresses>
</host>
</service>
</services>
<bindings>
<netTcpBinding>
<binding name="tcp_Unsecured"
transferMode="Buffered"
maxReceivedMessageSize="2147483647"
maxBufferSize="2147483647"
maxBufferPoolSize="2147483647">
<security mode="None"/>
<readerQuotas maxArrayLength="2147483647" />
</binding>
</netTcpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="WcfHomeCamInterface.Service1Behavior">
<!-- To avoid disclosing metadata information,
set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="False"/>
<!-- To receive exception details in faults for debugging purposes,
set the value below to true. Set to false before deployment
to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
I've tried several different config file configurations with the same result. I've also tried different accounts from within the ProjectInstaller as well. However, the rest of the Windows service runs correctly - connects to the Sqllite database and executes all of the other subroutines. Do certain other windows services need to be running?? Any ideas would be appreciated, Thanks.

Check whether the port is occupied, and then run the following command:
netsh http add urlacl url=http://+:8080/ user="NETWORK SERVICE"
If something goes wrong, you can also delete it with this command:
netsh http delete urlacl url=http://+:8080/
As far as I know, debugging is a cumbersome and lengthy process, and I hope this method can help you.

I did get this to work by re-creating the WCF and Windows service from scratch. Before, I had just copied and pasted code from a project that I had created a few years ago. I'm not sure what was causing the original problem, but it now works with the service on one computer and the client on another in the same subnet. Thanks in advance....
Here is the working config file on the server:
<system.serviceModel>
<services>
<service name="WcfCamLibrary.CamService">
<endpoint address="" binding="netTcpBinding" bindingConfiguration="tcp_Unsecured"
contract="WcfCamLibrary.ICamService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexTcpBinding" bindingConfiguration=""
contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost:8523" />
</baseAddresses>
</host>
</service>
</services>
<bindings>
<netTcpBinding>
<binding name="tcp_Unsecured"
transferMode="Buffered"
maxReceivedMessageSize="2147483647"
maxBufferSize="2147483647"
maxBufferPoolSize="2147483647">
<security mode="None" />
<readerQuotas maxArrayLength="2147483647" />
</binding>
</netTcpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>

again The maximum message size quota for incoming messages (65536) has been exceeded

i know too many duplicates for this message but please give your lights here..
I am getting an entity from WCF Customer which contains a photo field in base64. I have no problem to get it on my android device
when i update lets say the phone of this customer and upload the entity in in wcf i get an error Entity too large
Please also note that..
If i debug my WCF from the solution right click debug and try to read this entity i am getting the error maximum message size quota for incoming messages has been exceeded
The strange is how is possible that i can read the entity on device but i cannot read it when debugging and i cannot upload it back when i save.
3 different things here..
When i connect from code behind to my service i do it like this
ServiceEndPoint = New ServiceModel.EndpointAddress(New Uri("http://MyIpAddress:MyPort/WcfServiceLibrary1.Service1.svc"))
Dim Binding As New BasicHttpBinding
Binding.MaxReceivedMessageSize = 20000000
MyService = New ServiceReference1.Service1Client(Binding, ServiceEndPoint)
and this is my Configuration
<system.serviceModel>
<client>
<endpoint name="basicEndpoint"
address="http://localhost:8733/Design_Time_Addresses/WcfServiceLibrary1/Service1/"
binding="basicHttpBinding"
bindingConfiguration="basicHttp"
contract="WcfServiceLibrary1.IService1"
>
</endpoint>
</client>
<services>
<service name="WcfServiceLibrary1.Service1" behaviorConfiguration="ServiceBehavior">
<host>
<baseAddresses>
<add baseAddress="http://localhost:8452/Design_Time_Addresses/WcfServiceLibrary1/Service1/" />
</baseAddresses>
</host>
<!-- Service Endpoints -->
<!-- Unless fully qualified, address is relative to base address supplied above -->
<endpoint address="http://localhost:8542/Design_Time_Addresses/WcfServiceLibrary1/Service1/" binding="basicHttpBinding" bindingConfiguration="basicHttp" contract="WcfServiceLibrary1.IService1">
<!--Upon deployment, the following identity element should be removed or replaced to reflect the
identity under which the deployed service runs. If removed, WCF will infer an appropriate identity
automatically.-->
<!--<identity>
<dns value="localhost" />
</identity>-->
</endpoint>
<!-- Metadata Endpoints -->
<!-- The Metadata Exchange endpoint is used by the service to describe itself to clients. -->
<!-- This endpoint does not use a secure binding and should be secured or removed before deployment -->
<!--<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />-->
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="basicHttp" allowCookies="true" maxReceivedMessageSize="20000000" maxBufferSize="20000000" maxBufferPoolSize="20000000">
<readerQuotas maxDepth="32" maxStringContentLength="20000000" maxArrayLength="20000000" />
<security mode="None"></security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<!-- To avoid disclosing metadata information,
set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="True" httpsGetEnabled="True" />
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
<!-- To receive exception details in faults for debugging purposes,
set the value below to true. Set to false before deployment
to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>

Try changing all values of property in binding to 2147483647.
Try programmatically setting value as follows
BasicHttpBinding binding = new BasicHttpBinding() {
MaxBufferSize = 2147483647,
MaxReceivedMessageSize = 2147483647
};

WCF Binding to HTTPS

I understand that there are many posts about this, and I've been through all of them that came up on my search and implemented everything that was mentioned. I have a WCF web service that works on my local system on HTTP, and it worked on the server on HTTP. But the client requires that this works through HTTPS. The miriad of posts on this and other sites shows me that this is not as straight forward as it should be, since before this, the ASMX web service "just worked" and didn't need complicated configuration.
I'm getting the following error with my current configuration:
Could not find a base address that matches scheme https for the
endpoint with binding WSHttpBinding. Registered base address schemes
are [http].
Here is my code as of this moment, after trying for days to configure this to work to no avail:
<system.serviceModel>
<!-- -->
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" >
<baseAddressPrefixFilters>
<add prefix="https://mysite.com"/>
<add prefix="http://mysite.com"/>
</baseAddressPrefixFilters>
</serviceHostingEnvironment>
<!-- Set up Custom Behaviors -->
<behaviors>
<endpointBehaviors>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="WebPostService.WebPostServiceBehavior">
<serviceMetadata httpsGetEnabled="true" httpsGetUrl="WebPostServices.svc/mex" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<!-- Set up the binding configuration -->
<bindings>
<wsHttpBinding>
<binding name="SOAPBinding"
>
<security mode="Transport">
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service
behaviorConfiguration="WebPostService.WebPostServiceBehavior"
name="WebPostService.WebPostService"
>
<host>
<baseAddresses>
<add baseAddress="https://mysite.com/Services/WebPostService.svc"/>
</baseAddresses>
</host>
<endpoint address=""
binding="wsHttpBinding"
bindingConfiguration="SOAPBinding"
contract="WebPostService.IWebPostService"
>
<identity>
<dns value="mysite.com" />
</identity>
</endpoint>
<endpoint
address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange"
>
</endpoint>
</service>
</services>
</system.serviceModel>
What am I doing wrong and how can I get this to work over HTTPS? I'm frustrated that this is not as simple as it should be. I have been burried in WCF documentation at MSDN for the months working on this project, and have a good grasp of services, end-points and bindings --- enough to frustrate me even more than if I had no knowledge at all.
UPDATE: Still working on this, I had an odd error when trying to put the full URL for the mex address. I changed to this:
address="https://prcwebs.com/Services/WebPostService.svc/mex"
and got the error:
Security settings for this service require Windows Authentication but
it is not enabled for the IIS application that hosts this service.
I'm not trying to use Windows Authentication, the security setting wasn't changed and is still set to
<security mode="Transport" />
Could not find a base address that matches scheme https for the endpoint with binding WebHttpBinding. Registered base address schemes are [http]
- was not helpful, nothing mentioned that would help
Could not find a base address that matches scheme http for the endpoint with binding WSHttpBinding
- I'm using transport security, this does not apply. tried changing to different security modes, still could not get site to work.

Add multipleSiteBindingsEnabled="true" to the serviceHostingEnvironment and update the security to disable client credentials:
<security mode="Transport">
<transport clientCredentialType="None"></transport>
</security>
EDIT
My final working version under windows 2003 was with the following config.
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="false" />
<!-- Set up Custom Behaviors -->
<behaviors>
<endpointBehaviors>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="WebPostService.WebPostServiceBehavior">
<serviceMetadata httpsGetEnabled="true" httpsGetUrl="WebPostServices.svc/mex" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<!-- Set up the binding configuration -->
<bindings>
<wsHttpBinding>
<binding name="SOAPBinding">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="WebPostService.WebPostServiceBehavior"
name="WcfService2.Service1">
<host>
<baseAddresses>
<add baseAddress="https://localhost/Service/Service1.svc"/>
</baseAddresses>
</host>
<endpoint address=""
binding="wsHttpBinding"
bindingConfiguration="SOAPBinding"
contract="WcfService2.IService1">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange">
</endpoint>
</service>
</services>
</system.serviceModel>
You can access the website with https so I guess the certificate part of the installation is correct. If you have anything you want to compare with my setup, let me know.

You are using the wrong bindings for HTTPS.
There is two separate binding classes. wsHttpBinding and wsHttpsBinding notice the s.
You need to add a wsHttpsBinding for HTTPS under bindings and you need a new endpoint for that binding.
Also the particular error you are seeing typically I get to see if IIS hasn't been setup for https from that location.
Open IIS Manager
Open Sites
Right click on Default Web Site.
Edit Bindings
Ensure that there is an entry for https as well as http.
Open IIS Manager
Find your application (I think its going to be Default Web Site).
Right click
Manage Website/Application
Advanced Settings
Enabled Protocols
http,https

I used this and it worked for me, maybe it can help you
To enable the Https on WCF WsHttp bindings, there are some simple steps that should be changed in the web.config file.
Those steps are:
Enable transport level security in the web.config file of the service:
In this step you need to change the security mode from none to Transport. The code below shows how you can do it:
<bindings>
<wsHttpBinding>
<binding name="TransportSecurity">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
Tie up the binding and specify the HTTPS configuration
You need to now associate the bindings, the previews step, with the end points. use the bindingConfiguration tag to specify the binding name. You also need to specify the address where the service is hosted. The code below shows how you can do it
<service name="WCFWSHttps.Service1" behaviorConfiguration="WCFWSHttps.Service1Behavior">
<!-- Service Endpoints -->
<endpoint address=https://localhost/WCFWSHttps/Service1.svc binding="wsHttpBinding" bindingConfiguration="TransportSecurity" contract="WCFWSHttps.IService1"/>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>
</service>
.
you also need to change httpGetEnabled to httpsGetEnabled in the serviceMetaData. The code below shows how you can it:
<serviceMetadata httpsGetEnabled="true"/>
Hope it helped

I've used your exact configuration in 3.5 setting and it works with Transport mode using clientCredentialType="None" as mentioned below in Luuk's answer. But just to be sure, I went ahead an created a sample project to simulate as much of your environment as I could gather from the information here.
To simulate your environment I set my IIS (7.5) to use standard Asp.Net 2.0 Integrated app pool. I added 3 http bindings and 3 https bindings in order to simulate your "can have only one address per scheme issue" and baseAddressPrefixFilters works with that.
I only did a search and replace on mysite.com to localhost. Below is the copy paste of exact configuration that I used to produce the screenshot:
web.config
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="true" />
<authentication mode="None"/>
<customErrors mode="Off"/>
</system.web>
<system.serviceModel>
<!-- -->
<serviceHostingEnvironment aspNetCompatibilityEnabled="true">
<baseAddressPrefixFilters>
<add prefix="https://localhost"/>
<add prefix="http://localhost"/>
</baseAddressPrefixFilters>
</serviceHostingEnvironment>
<!-- Set up Custom Behaviors -->
<behaviors>
<endpointBehaviors/>
<serviceBehaviors>
<behavior name="WebPostService.WebPostServiceBehavior">
<serviceMetadata httpsGetEnabled="true" httpsGetUrl="WebPostServices.svc/mex"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<!-- Set up the binding configuration -->
<bindings>
<wsHttpBinding>
<binding name="SOAPBinding">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="WebPostService.WebPostServiceBehavior" name="WebPostService.WebPostService">
<host>
<baseAddresses>
<add baseAddress="https://localhost/Services/WebPostService.svc"/>
</baseAddresses>
</host>
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="SOAPBinding" contract="WebPostService.IWebPostService">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>
</service>
</services>
</system.serviceModel>
</configuration>
Here's the result:
You'll notice that WebPostService.svc appears twice in mex full url. You need to drop httpsGetUrl to be only mex instead of WebPostService.svc/mex (or drop it out altogether, and it still works fine on my side)
If you'd like to discuss this or what could be different between our envinronments besides IIS version, I'm in WPF chat room almost all day (another 5-6 hours).

maximum message size quota for incoming messages (65536) has been exceeded

I have my app.config file set up so that the maxRecievedMessageSize is well beyond 65536, any tips I can get in order to improve this?
This is my current app.config file
<bindings>
<basicHttpBinding>
<binding
name="FinalInspectionEndpoint"
maxBufferSize="2147483647"
maxReceivedMessageSize="2147483647" >
<security mode="None" />
<readerQuotas maxDepth="2000000" maxStringContentLength="2000000" maxArrayLength="2000000" maxBytesPerRead="2000000" maxNameTableCharCount="2000000" />
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="AGY.FI.SQLService.FinalInspectionManager">
<endpoint address="" binding="basicHttpBinding" contract="AGY.FI.SQLService.FinalInspectionService" bindingConfiguration="FinalInspectionEndpoint">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:8732/Design_Time_Addresses/AGY.FI.SQLService/Service1/" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information,
set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="True"/>
<!-- To receive exception details in faults for debugging purposes,
set the value below to true. Set to false before deployment
to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
</serviceBehaviors>
</behaviors>

The config file looks like it's set up correctly.
Are you still getting an error, or simply asking if there's a better way to do what you're doing? Is it possible the size of the message is larger than the value you have currently set?
If the former, what is the error you're seeeing?
If the latter, the only thing I would recommend is to set the size of maxReceivedMessageSize to a value that is as large as the largest value you expect the service to need, so you limit your exposure to DDOS attacks.

You did not tell us, what you are sending when this exception is thrown. From my experience, this happened when I was serializing whole objects which contained a lot of properites or even collections.
One way around is to make buffer on each side and serialize object, break up result of serialization to smaller pieces, send pieces one by one, and then have them put togather on other side and deserialize. At least this solved my problem with this exception.

WCF - changing endpoint address results in securityexception

My WCF Service uses wsHttpBinding and works fine from the client when the service is gerenated by the client using the default options as follows:
RServiceClient R = new RServiceClient();
However, at some point I'll need to be able to specify the location of the service, presumably by changing the endpoint address as follows:
RServiceClient R = new RServiceClient();
R.Endpoint.Address = new EndpointAddress(new Uri "http://xxx.xxxx.xxx:80/RServer/RService.svc"));
However, when I do specify the exact endpoint, I get a SecurityNegotiationException:
System.ServiceModel.Security.SecurityNegotiationException was unhandled
Message="The caller was not authenticated by the service."
Source="mscorlib"....
The WCF service runs on IIS and has anonymous access enabled under IIS admin. Also, this error occurs when the client is run from the same machine as the service under an admin account - I havn't got to the scary part of running it over the net yet!
Any Ideas?

By default, wsHttpBinding uses Windows authentication. I'm not sure how hosting in IIS affects that scenario.
If you don't want security turned on, you can add an element for security and set the mode element to "None" to the config on both ends to turn off the default setting.
I think this may do the trick -- I've added the section for wsHttpBinding and set the bindingConfiguration of your service to point to the newly added binding properties:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsHttpBind">
<security mode="None">
<transport clientCredentialType="None" protectionLevel="EncryptAndSign" />
<message clientCredentialType="None" algorithmSuite="Default" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="ServiceBehavior"
name="RService">
<endpoint address=""
binding="wsHttpBinding"
bindingConfiguration="wsHttpBind"
name="RService"
contract="IRService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex"
binding="mexHttpBinding"
name="MetadataExchange"
contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>

check this from your config :
...
<identity>
<dns value="localhost" />
</identity>
...
afaik wsHttpBinding has message security turned on by default.
and when it checks against the dns value "localhost" it fails.

Are you using MessageSecurity with certificates? this could be a certificate issue (wrong hostname, self-signed certificate not installed, etc..)

Here is my Service configuration information, i'm using wshttpbinding:
<system.serviceModel>
<services>
<service behaviorConfiguration="ServiceBehavior" name="RService">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration=""
name="RService" contract="IRService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" name="MetadataExchange"
contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>

Deleting the identity block didn't work, although did give me an idea:
If I change the endpoint address from:
R.Endpoint.Address = new EndpointAddress(new Uri("http://bigpuss.homeip.net/RServer/RService.svc"));
to
R.Endpoint.Address = new EndpointAddress(new Uri("http://localhost/RServer/RService.svc"));
then everything works fine! Soo, its obviously upset about the nonlocal url address. Are there any other areas in the configuration where security is set up?