In this post, I will explain; how could we expose a WCF REST Service over secure HTPP (HTTPS)? Essentially there are three steps involved

1. Create a certificate or use a third party provided certificate

2. Configure HTTPS in IIS

3. Configure webHttpBinding to use transport level security

Create Certificate

To expose a service over HTTPS, we need to have a certificate in store. Either you can create your own X.509 certificate or use certificate provided by 3rd parties.

I am going to create my own certificate. To create X.509 certificate Open Inetmgr


In center you will get an option of Server Certificates. Double click on that.


At left pane you will get option to create a server certificate. Select Create Self-Signed Certificate


Just follow the wizard to create the self-signed certificate


Configure HTTPS in IIS

Next step we need to do is to configure SSL in IIS. Follow below steps for the same.

1. Open IIS

2. Select Default Web Site


3. Select SSL setting


4. Select Binding option of Edit Site tab from left panel


5. Add a Binding for HTTPS.


6. Select HTTPS from dropdown


7. Now we need to choose a certificate for secure communication over HTTP. We can choose a certificate provided by third party or self-created certificate from personal store. In beginning of this post we created a certificate called DEBUGMODE. CER. I am going to use that certificate.


8. HTTPS is being configured at port 443.


Create WCF REST Service

Since purpose of this post is to demonstrate REST over HTTPS so basic assumption I do have is you know how to create REST service and hosting.

I am creating a simple resource like below,


Implement service as below,



I am going to host service in a console application. Right click on WCF Service Application project and a console application project. Change the target framework from to .Net framework 4.0. Add required references.

Add reference of,

a. System.ServiceModel

b. System.ServiceModel.Web

c. Add project reference of WCF Service project

1. We are going to use WebServiceHost to host REST service in managed [Console] application.


2. We need to construct URI for base address of service


In base address URI construction, you need to make sure below points

a. Address scheme is HTTPS not HTTP.

b. Since HTTPS is configured on port 443 so base address is constructed with port 443.

3. Obviously we need to choose binding as WebHttpBinding.


Point to take care is that we are setting security mode for WebHttpBinding as Transport.

4. Adding EndPoint to the instance of WebServiceHost


Iservice1 is the service contract and Service1 is the service implementation file.

Host program will be as below,


using System;
using System.ServiceModel;
using System.ServiceModel.Web;
using WcfService13;
using System.Diagnostics;

namespace ConsoleApplication1
class Program
static void Main(string[] args)
WebServiceHost host = new WebServiceHost(typeof(Service1));
string uri = "<a href="https://localhost:443/Service1.svc/">https://localhost:443/Service1.svc/</a>";
WebHttpBinding binding = new WebHttpBinding();
binding.Security.Mode = WebHttpSecurityMode.Transport;
host.AddServiceEndpoint(typeof(IService1), binding, uri);
Console.WriteLine("REST Service with HTTPS is running ");


Running Service

Now when we run console application browser will automatically get started


If you notice URL, you can see that service is running on SSL over HTTP. URL is starting with HTTPS.

In next post, I will show you calling WCF REST Service over HTTPS from a client. Thanks for reading.


10 thoughts on “Exposing WCF REST Service over HTTPS

  1. nice post 🙂
    i am waiting for the next post as you mentioned i.e calling WCF REST Service over HTTPS from a client

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s