For confidential reasons, I cannot post the actual wsdl on this question for people to see it for themselves. Here is the scenario, I have this web service written in Coldfusion sitting on a server that has a security certificate. When I type https://www.mydomain.com/myWS.cfc?wsdl in the browser, the wsdl comes right up. But when I scroll down to the bottom of the wsdl itself in the browser, I see this tag,
<wsdlsoap:address location="http://www.mydomain.com/myWS.cfc"/>
The URL in this tag has http, not https. My question is, if people were to call this web service by using https link (i.e. https://www.mydomain.com/myWS.cfc?wsdl), would the transaction be encrypted?
Yes, it will be encrypted.
The address specified in the WSDL file is (unfortunately) not always the one of the actual endpoint address where you can call the service.
As an example, if you have a WCF service, the address in the WSDL will be by default generated with the machine name and not the domain name.
Also, when you access the service endpoint with ?wsdl parameter, usually the WSDL you get back is generated dynamically. But this might not always be the case! The file can also be a static one (the actual *.wsdl file) which gets maintained by developers which can forget to change the address inside when deploying the service on different locations...
The endpoint address is important here, and that is on HTTPS; and HTTPS provides an encrypted communication.