Your XML Web Service will be running on Internet Information Server (IIS) and it will rely on IIS to provide SSL support. Because of this, you must first install an SSL server certificate on your server so that you can enable SSL support.
If you are purchasing a server certificate from a third-party certificate authority or if you have an enterprise certificate authority available to you, skip to the next step. Otherwise, install Certificate Services by starting the Add/Remove Programs tool, clicking Add/Remove Windows Components, and then click to select the Certificate Services check box.
Run the Web Server Certificate Wizard by starting Internet Services Manager, right-clicking on the virtual site that you want the certificate for, clicking Properties, clicking the Directory Security tab, and then clicking Server Certificate.
In the Web Server Certificate Wizard, click Create a new certificate, and then click Next.
Click Prepare the request now, but send it later, and then click Next.
Continue to fill out the information in the Wizard to fit your needs, but when you are prompted to provide the common name of the certificate, make sure that you specify the name of the host computer that you are running your XML Web service on.
When you complete the wizard, a certificate request is saved in a file that you specify. By default, this is c:\Certreq.txt.
If you are submitting your certificate to a different certificate authority, do that now by using their procedures and when you receive your certificate file, open it, and then skip to step 16. If you are using your own Certificate Services to get your certificate, browse to http://localhost/certsrv and choose the Request a Certificate option.
Under the Request Type page, specify that this is an Advanced Request, and then click Next.
Click Submit a certificate request using a base64 encoded PKCS #10 file or a renewal request using a base64 encoded PKCS #7 file, and then click Next.
On the Submit a Saved Request page, click Browse for a file to insert, specify the file you created in step 6, click Read, and then Submit. Your request has been submitted, and now you must approve it.
On the Programs menu, under Administrative Tools, start the Certificate Authority management console.
Under your Certificate Authority's name, choose the Pending Request folder. Right-click the certificate request that you just submitted, point to All Tasks, and then click Issue. Close the Certificate Authority management console.
In your browser, go back to http://localhost/certsrv, click Check on Pending Requests, and then click Next.
Make sure that the request you just created is selected, and then click Next.
On the Certificate Issued page, choose either of the encoding schemes, and then click Download CA certificate. The Certificate property pages are displayed. Click the General tab, and then click Install Certificate.
The Certificate Import Wizard starts. Accept all of the defaults and click through the wizard until it has completed.
Go back to the Internet Services Manager, right-click the virtual site you created the certificate for, click Properties, click the Directory Security tab, and then click Server Certificate.
Click Assign an existing certificate to see a list with your certificate in it. Click your certificate, and then click Next. Complete the Web Server Certificate Wizard. Your SSL Server Certificate is now installed.
Edit the WSDL files for your service so that the address for your Web service begins with https instead of http. You must make sure that the copy of the WSDL that your client is using also indicates https.
For Microsoft Visual Studio .NET projects, when you add a Web Reference ,you can specify an https URL as the location of the XML Web service. If you did not do this, then you can edit the class that was created by Visual Studio .NET that wraps the Web service and modify the line of code that sets the URL. For a C# project, the line of code might look like this after you have modified it:
To determine if SSL is configured properly, try browsing to your server by using an https URL such as https://my_computer/test/test.asmx.
You configuration should be alright if you can successfully browse to the location without any error messages being displayed by Internet Explorer. You are ready to try to access your web service programmatically.
If you want to make sure that only SSL requests are accepted by your Web service, you can configure the virtual directory where your XML Web service resides to be SSL only in the Internet Services Manager:
Right-click the virtual directory where your XML Web service resides, and then click Properties.
Click the Directory Security tab, and then click Edit under Secure Communications.
Click require secure channel (SSL), and then click OK twice.