Using SSL WCF Service in Windows Phone 7 app

Last few evenings I’ve been working on a WP7 app that I want to connect to a new WCF service using SSL. Since it is only in a dev environment I want to use a self-signed certificate instead of an official one. Doesn’t sound too hard, does it? It took some time before it finally worked…

Dev environment
Laptop with Windows 7, IIS 7, VS2010 + Windows Phone SDK 7.1 and a Samsung Omnia 7 device (Mango).

Project

  • Windows Phone app (the one in the download is very simple and only shows access to the WCF service);
  • WCF Service Application; I used the default Service1 that VS2010 generates.

Step 1
First step is to get the app running, connecting with the service that runs in IIS.

  • Configure the service to use IIS (hit the ‘Create Virtual Directory’ button);
  • Build the service and it should be accessible from a browser, in my case http://localhost/WP7toWCFtestService/Service1.svc
  • From the WP7 app add a ‘Service Reference’ to the WCF Service;

The following code connects to the service from the WP7 app:

var ws = new Service1Client();
ws.GetDataCompleted +=
  (s, e) => UpdateStatus("Result: " + e.Result);
ws.GetDataAsync(42);

At this point the app should work and data is retrieved from the service.

Note: This is where it suddenly stopped working. After a few successful updates of the service reference Visual Studio stopped generating code in the Reference.cs. Various blogs and forums state ‘fuzzy’ solutions like restarting VS, making changes in settings, etc., but none of them worked. The only thing that did work was starting all over again with a new solution.

Step 2
Create a Self-Signed Certificate in IIS, see How to Set Up SSL on IIS 7. Note that you have to use a certificate name that is equal to your web server name.

Step 3
Configure the app and service to use SSL

  • Add a custom binding to web.config defining httpsTransport, see web.config in the download;
  • Change configuration of the Service Reference to point to the https URL and update the reference.

In case you have a real certificate everything should work now using https. However, in case of self-signed you will get the following exception:

There was no endpoint listening at https://servername/WP7toWCFtestService/Service1.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.

Step 4
The problem lies in the root-certificates that are accepted by Windows Phone. The exact details about the problem and how to fix this is described in several great blog posts by David Hardin: WP7 and Self-Signed SSL Certificates.

Based on his guidelines prerequisites and explained I followed these steps:

  • Download the WP7CertInstaller: http://wp7certinstaller.codeplex.com;
  • Removed Azure Tools reference;
  • Installed the provided web site in IIS;
  • Changed the URL in MainPage.xaml.cs from localhost to my server name;
  • Executed the provided WP7 app to download and install the certificate.

And it works! My app now successfully connects to my service using SSL!

Next is adding credentials and removing SOAP…