The Genesis API service endpoints are configured to use HTTP bindings by default. If necessary, the service endpoints can can be secured using SSL over HTTP, or HTTPS protocol.
Step-by-step guide
- Obtain a SSL certificate for your host from a certificate authority or opt to use a self-signed certificate in a test environment.
- Set up SSL in IIS for the Genesis API application using IIS Manager.
- Open bindings.config in the Genesis API application root directory. This file contains WCF binding configurations for transport security:
- wsHttpTransportSecurity for SOAP endpoints.
- webHttpTransportSecurity for REST endpoints.
- Open services.config in the Genesis API application root directory.
Add a bindingConfiguration attribute to all REST endpoints with the value "webHttpTransportSecurity".
REST Endpoint Example<!-- IFoodAnalysisQueryService REST Service--> <service name="Esha.Genesis.Services.Rest.FoodAnalysisQueryRestService"> <endpoint address="" binding="webHttpBinding" bindingConfiguration="webHttpTransportSecurity" contract="Esha.Genesis.Services.IFoodAnalysisQueryService" behaviorConfiguration="jsonBehavior" /> </service>
Modify bindingConfiguration attributes for all SOAP endpoints with the value "wsHttpTransportSecurity".
SOAP Endpoint Example<!-- IFoodAnalysisQueryService SOAP Service--> <service name="Esha.Genesis.Services.Soap.FoodAnalysisQuerySoapService"> <endpoint address="" binding="wsHttpBinding" bindingNamespace="http://ns.esha.com/2013/genesisapi" bindingConfiguration="wsHttpTransportSecurity" contract="Esha.Genesis.Services.IFoodAnalysisQueryService" behaviorConfiguration="Esha.Genesis.Services.Soap.FoodAnalysisQuerySoapService"/> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" /> </service>
Save and close services.config.
- Open service endpoints in a browser using HTTPS to verify setup is complete.
Related articles