The BPA Platform Web Service API is used for running tasks from remote applications. If it is required to run these over a secure channel then the following additional configuration steps are required.
IIS Changes
- Install the Web Service API as normal.
- Ensure the API works as expected.
- Add a new HTTPS binding in IIS
- Select the Certificate for the Binding (ensure the certificate matches the fully qualified domain name)
- Save the HTTPS binding and remove the original HTTP binding
Once the IIS changes have been applied you will need to modify the web.config in the installation folder.
The installation folder is either
C:\ Files (x86)\ Software\ OAuth2 Authorisation Utility (for 64bit Operating Systems)
Or
C:\ Files\ Software\ OAuth2 Authorisation Utility (for 32bit Operating Systems)
The web.config will need to be modified as follows :-
- The serviceBehaviours element – add the httpsGetEnabled attribute to the serviceMetadata element (see highlighted in bold the attributes below)
<serviceBehaviors> <behavior name="TcapiSvcBehaviour"> <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="false" /> </behavior> </serviceBehaviors> - Create a new bindings element containing the following:
<bindings> <webHttpBinding> <binding name="WebHttpsBinding"> <security mode="Transport"> <transport clientCredentialType="None" /> </security> </binding> </webHttpBinding> <basicHttpBinding> <binding name="BasicHttpsBinding"> <security mode="Transport"> <transport clientCredentialType="None" /> </security> </binding> </basicHTTPBinding> </bindings> - In the services element set the bindingConfiguration attributes to point to our binding elements (see highlighted in bold the attributes below).
<services> <service behaviorConfiguration="TcapiSvcBehavior" name="TcapiSvc.Service1"> <endpoint address="" behaviorConfiguration="RestBehavior" binding="webHttpBinding" bindingConfiguration="WebHttpsBinding" contract="TcapiSvc.IService1Rest" /> <endpoint address="soap" binding="basicHttpBinding" bindingConfiguration="BasicHttpsBinding" contract="TcapiSvc.IService1Soap" /> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" /> </service> </services> - Now, either re-add the reference to Visual Studio (or re-import the WSDL into whatever application you are calling the service from)
(if you don’t want to re-add a reference to a VS project then simply change the app.config file in the project to state that you want to use Transport Security)<binding name="BasicHttpBinding_IService1Soap"> <security mode="Transport" /> </binding>
You should now have a working https web service. Note once the service has been changed to an HTTPS web service it will no longer operate as an HTTP service.
