OK, I gave up and paid Microsoft $250 for support. With the tech's help, we found the solution, and last night confirmed that it was definitely the solution for all our servers: We disabled SSL altogether for WCF services in the web.config:
    <system.serviceModel>
      <bindings>
        <webHttpBinding>
          <binding>
            <security mode="Transport" />
          </binding>
        </webHttpBinding>
      </bindings>
    </system.serviceModel>
The "Transport" refers to Transport Layer Security (TLS is the new SSL) so HTTPS. Changed that to:
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding>
<security mode="None" />
Turns out WCF is extremely sensitive to whether you are using HTTP or HTTPS, and if you are using the wrong one you get no helpful errors, just 404.
In my case, both old and new servers were configured to use HTTPS at all times for security. But on the new servers, the SSL (TLS) encryption terminated on the load balancer. In that case encryption only happened between the user's browser and our load balancer, and the traffic between our load balancer and the web servers was unencrypted HTTP.
So the service was listening on HTTPS, and when the request came on HTTP, it just completely ignored it.
(All the other talk about similar issues online focused on uninstalling and reinstalling IIS, ASP.NET, WCF, HTTP Activation and such, so I hope this helps someone. I recommend MS Support if you have a question on the MS stack that SO can't answer in time. It was certainly much cheaper than wasting a few more hours trying to fix it alone.)
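As an added example (not part of the answer above, and not taken from any Microsoft documentation), here is a complete `system.serviceModel` section that keeps both variants as named binding configurations and selects one per endpoint with `bindingConfiguration`, instead of editing the single unnamed binding in place. The service name, contract name and binding configuration names are placeholders. The `security mode="None"` variant matches the TLS-offloading setup the answer describes, where the load balancer terminates HTTPS and forwards plain HTTP to the web servers; that hop is unencrypted, so it belongs only on the network segment between the balancer and the servers.

```xml
<configuration>
  <system.serviceModel>
    <bindings>
      <webHttpBinding>
        <!-- Placeholder name. Use when IIS itself terminates TLS and
             the request arrives on HTTPS. -->
        <binding name="directHttpsBinding">
          <security mode="Transport" />
        </binding>
        <!-- Placeholder name. Use when the load balancer terminates TLS
             and forwards plain HTTP to the web server; WCF would otherwise
             answer the HTTP request with a bare 404. -->
        <binding name="behindLoadBalancerBinding">
          <security mode="None" />
        </binding>
      </webHttpBinding>
    </bindings>

    <behaviors>
      <endpointBehaviors>
        <behavior name="restBehavior">
          <webHttp />
        </behavior>
      </endpointBehaviors>
      <serviceBehaviors>
        <behavior>
          <!-- Keep exception details out of responses in production. -->
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
      </serviceBehaviors>
    </behaviors>

    <services>
      <!-- Example.Services.OrderService and Example.Services.IOrderService
           are placeholder type names. Switch bindingConfiguration to
           "directHttpsBinding" on servers that are not behind the
           TLS-terminating balancer. -->
      <service name="Example.Services.OrderService">
        <endpoint address=""
                  binding="webHttpBinding"
                  bindingConfiguration="behindLoadBalancerBinding"
                  behaviorConfiguration="restBehavior"
                  contract="Example.Services.IOrderService" />
      </service>
    </services>

    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
  </system.serviceModel>
</configuration>
```

A quick check before choosing between the two: confirm on the web server which scheme the request actually arrives on (for example by inspecting the IIS request log, or any `X-Forwarded-Proto` header the balancer is configured to add, which is balancer-specific and assumed here). If the server sees `http` while the browser used `https`, the `Transport` binding will never match and the 404 described in the answer is the only symptom.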