How to Configure a WCF Service on Windows Server 2022
Windows Communication Foundation (WCF) is the .NET Framework’s unified programming model for building service-oriented applications that communicate over a variety of protocols and transport mechanisms. While newer workloads often use ASP.NET Core Web API or gRPC, a large installed base of enterprise systems — financial applications, ERP integrations, legacy SOA middleware — continues to rely on WCF services. Windows Server 2022 fully supports WCF hosted in IIS, Windows Activation Service (WAS), and as self-hosted Windows services. This article covers the complete configuration path from IIS hosting to security, tracing, and a migration overview to gRPC.
WCF Architecture: ABC (Address, Binding, Contract)
Every WCF endpoint is defined by three elements:
Address — where the service is (a URI such as http://server/OrderService or net.tcp://server:8080/OrderService).
Binding — how to communicate with it (transport protocol, message encoding, security mode). Common bindings: basicHttpBinding (SOAP 1.1 over HTTP, maximum interoperability), wsHttpBinding (SOAP 1.2 over HTTP with WS-Security), netTcpBinding (binary encoded TCP, best performance within a Windows datacenter), netNamedPipeBinding (fastest, same-machine only), netMsmqBinding (queued, durable messaging via MSMQ).
Contract — what the service does (the [ServiceContract] interface defining [OperationContract] methods).
Installing the WCF Prerequisites on Windows Server 2022
WCF hosting features are Windows roles and features. Install them before deploying any service:
# Install IIS, ASP.NET, and WCF activation components
Install-WindowsFeature -Name `
Web-Server,
Web-Asp-Net45,
Web-CGI,
Web-ISAPI-Filter,
Web-ISAPI-Ext,
WAS,
WAS-Process-Model,
WAS-NET-Environment,
WAS-Config-APIs,
NET-WCF-HTTP-Activation45,
NET-WCF-TCP-Activation45,
NET-WCF-Pipe-Activation45,
NET-WCF-MSMQ-Activation45,
NET-WCF-Services45 `
-IncludeManagementTools `
-Restart:$false
# Verify activation features
Get-WindowsFeature -Name NET-WCF-* | Select-Object Name, DisplayName, InstallStateIf you are hosting over net.tcp or net.pipe in IIS, the non-HTTP activation features (NET-WCF-TCP-Activation45, NET-WCF-Pipe-Activation45) are required. Without them, requests to those endpoints fail with a 404 or activation error.
Creating a WCF Service and Hosting in IIS
A WCF service hosted in IIS consists of a .svc file, a code-behind assembly (or inline code), and a web.config. The .svc file is the IIS entry point:
The service contract interface (IOrderService.cs):
using System.ServiceModel;
using System.Runtime.Serialization;
namespace Contoso.OrderService
{
[ServiceContract(Namespace = "http://contoso.com/orderservice/2024")]
public interface IOrderService
{
[OperationContract]
OrderResponse PlaceOrder(OrderRequest request);
[OperationContract]
OrderStatus GetOrderStatus(string orderId);
}
[DataContract]
public class OrderRequest
{
[DataMember(Order = 1, IsRequired = true)]
public string ProductCode { get; set; }
[DataMember(Order = 2)]
public int Quantity { get; set; }
[DataMember(Order = 3)]
public string CustomerAccountId { get; set; }
}
[DataContract]
public class OrderResponse
{
[DataMember] public string OrderId { get; set; }
[DataMember] public bool Success { get; set; }
[DataMember] public string Message { get; set; }
}
[DataContract]
public class OrderStatus
{
[DataMember] public string OrderId { get; set; }
[DataMember] public string Status { get; set; }
}
}WCF web.config: basicHttpBinding and wsHttpBinding
The web.config is where WCF endpoints, bindings, and behaviors are declared. The following example exposes the same service over both basicHttpBinding (for legacy SOAP clients) and wsHttpBinding (for WS-Security capable clients), plus a metadata (WSDL) endpoint:
Adding a netTcpBinding Endpoint
For high-throughput internal service-to-service communication on the Windows datacenter LAN, netTcpBinding offers binary encoding and persistent sessions with significantly lower overhead than HTTP-based bindings. Add this inside the <services> and <bindings> sections:
<!-- Inside block -->
<!-- Inside block -->
For IIS-hosted net.tcp activation, enable the net.tcp protocol on the IIS site:
# Add net.tcp protocol to an IIS site
Set-WebConfiguration -Filter "system.applicationHost/sites/site[@name='OrderServiceSite']/bindings" `
-Value @(@{protocol='net.tcp'; bindingInformation='8081:*'})
# Enable non-HTTP protocols for the application
Set-WebConfigurationProperty `
-Filter "system.webServer/application[@path='/OrderService']" `
-Name enabledProtocols `
-Value "http,net.tcp"Alternatively, use IIS Manager: select the application > Advanced Settings > Enabled Protocols > set to http,net.tcp.
WCF Throttling Settings
The <serviceThrottling> behavior element controls concurrency. The defaults (16 concurrent calls, 10 sessions, 26 instances in WCF 4.x) are intentionally conservative. For a production server on Windows Server 2022 with multiple CPU cores, increase these values:
Monitor the actual concurrency at runtime using performance counters. In PowerShell:
# List all WCF performance counters
Get-Counter -ListSet "ServiceModelService 4.0.0.0" | Select-Object -ExpandProperty Paths
# Sample concurrent calls for a specific service
Get-Counter 'ServiceModelService 4.0.0.0(*)Calls Outstanding' -SampleInterval 2 -MaxSamples 10Enabling WCF Trace and Message Logging
WCF provides two levels of diagnostics: trace logging (service lifecycle events, errors, security) and message logging (full SOAP message capture). Enable both in web.config for debugging. Disable message logging in production as it significantly impacts performance and exposes sensitive payload data:
Open the generated .svclog files with the Service Trace Viewer tool (SvcTraceViewer.exe), found in the Windows SDK at C:Program Files (x86)Microsoft SDKsWindowsv10.0AbinNETFX 4.8 ToolsSvcTraceViewer.exe. It presents correlated activity trees that make it straightforward to trace a request from client receive to service dispatch to response send.
Testing with WCF Test Client (WcfTestClient.exe)
WcfTestClient.exe is included with Visual Studio and the Windows SDK. Launch it from the Visual Studio Developer Command Prompt:
WcfTestClient.exe http://WIN2022WCF/OrderService/OrderService.svcThe tool downloads the WSDL, generates client proxies in memory, and presents a form-based UI listing all operations. Click an operation name to see its input fields, fill in values, and click Invoke. The XML request and response are shown in the lower panel. This is the fastest way to confirm a deployed WCF service is responding correctly without writing any client code.
For HTTPS endpoints with a self-signed certificate, add the certificate to the trusted store first:
certmgr.exe /add C:Certswin2022wcf-selfsigned.cer /s /r localMachine TrustedPeopleSecuring WCF with SSL Certificates
For transport security over HTTPS, bind an SSL certificate to the IIS site and ensure the binding is set to httpsGetEnabled="true" in <serviceMetadata>. Via PowerShell:
# Find the certificate thumbprint
Get-ChildItem -Path Cert:LocalMachineMy |
Where-Object { $_.Subject -like "*WIN2022WCF*" } |
Select-Object Subject, Thumbprint
# Bind the cert to port 443 on the IIS site
$thumb = "A1B2C3D4E5F6..." # replace with actual thumbprint
New-WebBinding -Name "OrderServiceSite" -Protocol "https" -Port 443 -HostHeader "wcf.contoso.com"
$cert = Get-ChildItem -Path "Cert:LocalMachineMy$thumb"
(Get-WebBinding -Name "OrderServiceSite" -Protocol "https").AddSslCertificate($thumb, "My")Update the basicHttpBinding configuration to use Transport security with a clientCredentialType appropriate for your scenario (None for anonymous, Certificate for mutual TLS, Windows for Kerberos).
WCF 4.x Activation: net.tcp and net.pipe Port Sharing
The Net.Tcp Port Sharing Service (NetTcpPortSharing) allows multiple WCF services to share a single TCP port, multiplexed by service name prefix. Enable and start it:
Set-Service -Name NetTcpPortSharing -StartupType Automatic
Start-Service -Name NetTcpPortSharing
# Verify
Get-Service NetTcpPortSharing, NetPipeActivator, NetTcpActivator | Select-Object Name, Status, StartTypeThe NetPipeActivator and NetTcpActivator services (part of WAS) must also be running for WAS-hosted net.pipe and net.tcp activation respectively. These are the services that wake up dormant application pools when an incoming net.tcp or net.pipe request arrives, similar to how HTTP.sys wakes IIS worker processes for HTTP requests.
Migrating from WCF to gRPC: An Overview
gRPC is Google’s open-source RPC framework built on HTTP/2 and Protocol Buffers, and it is the recommended migration target for WCF services moving to .NET 8 on Windows Server 2022. Microsoft provides the dotnet-grpc tool and the Grpc.AspNetCore NuGet package to simplify the transition.
The migration mapping is fairly direct: WCF ServiceContract becomes a gRPC .proto service definition, DataContract classes become Protobuf messages, and OperationContract unary calls map to unary gRPC methods. WCF duplex contracts (callback-based) map to gRPC bidirectional streaming.
// OrderService.proto - gRPC equivalent of the WCF IOrderService contract
syntax = "proto3";
option csharp_namespace = "Contoso.OrderService.Grpc";
package orderservice;
service OrderService {
rpc PlaceOrder (OrderRequest) returns (OrderResponse);
rpc GetOrderStatus(OrderIdRequest) returns (OrderStatusReply);
}
message OrderRequest {
string product_code = 1;
int32 quantity = 2;
string customer_account_id = 3;
}
message OrderResponse {
string order_id = 1;
bool success = 2;
string message = 3;
}
message OrderIdRequest {
string order_id = 1;
}
message OrderStatusReply {
string order_id = 1;
string status = 2;
}Key differences to plan for: WCF clients use generated proxy classes that are configuration-driven and support dynamic endpoint switching via app.config. gRPC clients are code-generated from .proto files and require explicit channel creation. Clients that cannot be updated to gRPC (Java, Python, browser) can be bridged using CoreWCF (an open-source .NET reimplementation of WCF that runs on .NET 6–8) or via an API gateway that translates REST/SOAP to gRPC internally.
# Install CoreWCF for .NET 8 migration path
dotnet add package CoreWCF.Http
dotnet add package CoreWCF.NetTcp
dotnet add package CoreWCF.PrimitivesWCF on Windows Server 2022 remains a fully supported, production-capable platform for existing enterprise integrations. By pairing IIS hosting with proper binding configuration, throttling, SSL transport security, and diagnostic logging, you can operate WCF services reliably at scale. For greenfield development or modernization efforts, establishing a clear migration plan toward gRPC or ASP.NET Core minimal APIs ensures the investment in WCF knowledge translates directly to the next-generation service architecture.
