Sharepoint 2013 call WCF service from web client

Hi,

I have a question about SharePoint 2013. I would like to host a WCF service in SharePoint and of course I would like to call these  methods through a web client.

Idea:
There is a SharePoint 2013 WCF service, which available via HTTPS connection. I would like to call the service methods with REST. The client is a web client, which is a simple .aspx, and .cs file as behind code. I would like to create the connections between them with a self-signed certificate. When I run the client app, after pressing a button the result would be appear in the screen as a simple string format.

What I’ve achieved:
I’ve created a service and in the web browser(Internet Explorer) I’m able to call the .svc service, and the browser also shows me the following message: You have created a service.
So that is okay.
The web client I’ve referred the service successfully and it can see the methods of the service that I could call. This web client is not deployed, only available when I start it through Visual Studio 2015.
I could create self-signed certificate (in IIS) also. I set the binding in IIS ont he SharePoitn site and I put there a HTTPS binding with 443 protocoll using the certificate that I’ve created earlier.
The private key installed to the computer and the client senses the certificate correctly(in debug mode).

Problem:
When  I configured the WCF service and the web client, I set the clientCredetialType to Certificate and I could check in debug mode where the client senses correctly the certificate, but I get always the following error message: Could not establish secure channel for SSL/TLS with authority 'devsp01.dev.local'.
The client runs and the problem occurs when I press the button and the running app reaches the following line: Response.Write(serRef.PrintMyText());

I’ve tried to search for a solution to my problem, but I didn’t find any useful tip.
Does anyone know a solution or tip to my problem?

I’ve tried the same experiment to call the service method without certificate, but the next message appears: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'NTLM,Basic realm="devsp01.dev.local"'.
But I’ve tried to do this with the binding in IIS where I didn’t remove the previously mentioned HTTPS binding.
Also does anyone know why I get the error message when I try the same without certificate? I feel I’m close to the working solution, but I don’t know why these error occurs exactly and what to do in these situations.

Every tip would be helpful.
Thank you!

What I have tried:

@Service code:

SPSecureService.cs:

<pre lang="c#">using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.Text;
using System.ServiceModel.Activation;

namespace SPSecureService.ISAPI.SPSecureService
{
    [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
    public class SPSecureService : ISPSecureService
    {
        public void DoWork()
        {
        }

        public string PrintMyText()
        {
            return "Welcome visitor!";
        }
    }
}

ISPSecureService.cs:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.Text;

namespace SPSecureService.ISAPI.SPSecureService
{
    [ServiceContract]
    public interface ISPSecureService
    {
        [OperationContract]
        void DoWork();

        [OperationContract]
        string PrintMyText();
    }
}

(WCF service) web.config:

<configuration>
  <system.serviceModel>

    <bindings>
      <wsHttpBinding>
        <binding name="secureHttpBinding">
          <security mode="Transport">
            <transport clientCredentialType="Certificate" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>

    <behaviors>
      <serviceBehaviors>
        <behavior name="customBehavior">
          <serviceMetadata httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <services>
      <service name="SPSecureService.ISAPI.SPSecureService.SPSecureService" behaviorConfiguration="customBehavior">
        <endpoint address="" binding="wsHttpBinding" contract="SPSecureService.ISAPI.SPSecureService.ISPSecureService" bindingConfiguration="secureHttpBinding"/>
      </service>
    </services>
  </system.serviceModel>

  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true" />
  </system.webServer>

</configuration>

SPSecureService.svc:

<%@ Assembly Name="SPSecureService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=268a77ab5011082b" %>
<%@ ServiceHost Service="SPSecureService.ISAPI.SPSecureService.SPSecureService" %>

@Client code:
Default.aspx:

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>

<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
    
        <asp:Button ID="Button1" runat="server" OnClick="Button1_Click" Text="Button" />
    
    </div>
    </form>
</body>
</html>

Default.aspx.cs:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }

    protected void Button1_Click(object sender, EventArgs e)
    {
        SPSecureService_reference.SPSecureServiceClient serRef = new SPSecureService_reference.SPSecureServiceClient();
        serRef.ClientCredentials.UserName.UserName = "MyUserName";
        serRef.ClientCredentials.UserName.Password = "MyPassword";
        Response.Write(serRef.PrintMyText());
    }
}

(client) web.config:

<?xml version="1.0" encoding="utf-8"?>

<!--
  For more information on how to configure your ASP.NET application, please visit
  http://go.microsoft.com/fwlink/?LinkId=169433
  -->

<configuration>

    <system.web>
      <compilation debug="true" targetFramework="4.5.2" />
      <httpRuntime targetFramework="4.5.2" />
    </system.web>

    <system.serviceModel>

      <behaviors>
        <endpointBehaviors>
          <behavior name="MyCustomBehavior">
            <clientCredentials>
              <clientCertificate findValue="DevSP01.dev.local" storeName="My" storeLocation="LocalMachine" x509FindType="FindBySubjectName"/>
            </clientCredentials>
          </behavior>
        </endpointBehaviors>
      </behaviors>

      <bindings>
            <wsHttpBinding>
                <binding name="WSHttpBinding_ISPSecureService">
                    <security mode="Transport">
                        <transport clientCredentialType="Certificate" />
                    </security>
                </binding>
            </wsHttpBinding>
        </bindings>
        <client>
            <endpoint address="https://devsp01.dev.local/_vti_bin/SPSecureService/SPSecureService.svc"
                binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_ISPSecureService"
                contract="SPSecureService_reference.ISPSecureService" name="WSHttpBinding_ISPSecureService" behaviorConfiguration="MyCustomBehavior"/>
        </client>
    </system.serviceModel>
</configuration>

Tags: SharePoint 2013, SSL, Certificate, WCFServices