The remote certificate is invalid according to the validation proc

B

Bart

Hi,

I have a webservice that is running fine without SSL.
When I call my webservice over SSL I recieve following error message:

System.Net.WebException:
The underlying connection was closed: Could not establish trust relationship
for the SSL/TLS secure channel.
---> System.Security.Authentication.AuthenticationException: The remote
certificate is invalid according to the validation procedure..

I added this line to my code to add the certificate:
target.ClientCertificates.Add(System.Security.Cryptography.X509Certificates.X509Certificate.CreateFromCertFile("d:\\MyCertFile.cer"));

I'm new to this certificate stuff.

Thanks
Bart
 
S

Steven Cheng[MSFT]

Hi Bart,

Thank you for posting.

From your description, I understand that you're developing an .NET/ASP.NET
webservice and accessing it through .nett gernated proxy at client-side.
Also, the webservice is protected through https/ssl. However, at runtime
when try calling tha webservice , you're getting exception indicate that
the ssl protected connection can not be establshied, correct?

Based on my experience, such error is likely caused by the certificate used
in the SSL/HTTPS connection establishing could not be correctly validated.
In the code you provided, you also add client certificate in your
webservice proxy, so is your server-side service configured to require
client certificate (in IIS)? I'd suggest you consider perform the
following test first to verirfy whether the problem is due to client-side
cert validation or server certificate validation:

1. You can configure the webservice to not require client certificate and
try accessing the server service (without add client certificate) to see
whether it works.

2. If still report error, the problem is concerns with the server service's
SSL certificate or the servername you used to access the server. To do
further troubleshoot, you can first put an html page or aspx page in that
ssl/https protected IIS virtual directory/application and try using IE to
access that page to see whether you can correctly visit that page, also
make sure whether you'll get any warning or error dialog during the
visiting of that page. If there occurs any warning or error dialog, it
indicate there is something not quite correctly against the server SSL
certificate, and when we use webservice proxy to access the service, since
there is not UI to let us interactively process such error condition, it'll
end to an exception...

Please have a check through the above items. If there is anything unclear
or any other finding, please feel free to post here.

Regards,

Steven Cheng
Microsoft Online Community Support


==================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

==================================================


This posting is provided "AS IS" with no warranties, and confers no rights.



Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
 
B

Bart

Hi Steven,

It was indeed the certificate warning when opening the site.

Thanks for your help.
 
S

Steven Cheng[MSFT]

Thanks for your respones Bart,

Then, you can have a look at the following article and implement an custom
CertificatePolicy class to handle any certificate error occured when
establishing https connection using webrequest:

#Consuming Webservices over HTTPS (SSL)
http://weblogs.asp.net/jan/archive/2003/12/04/41154.aspx

Hope this helps.

Regards,

Steven Cheng
Microsoft Online Community Support


==================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

==================================================


This posting is provided "AS IS" with no warranties, and confers no rights.



Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
 
S

Steven Cheng[MSFT]

Hello Bart,

Anyway progress on this issue or does my further reply helps you?
Please feel free to post here if there's anything else we can help.

Regards,

Steven Cheng
Microsoft Online Community Support


==================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

==================================================


This posting is provided "AS IS" with no warranties, and confers no rights.



Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Using GMail with ASP.Net: error: The remote certificate is invalid according to the validation proce 4
Client certificate is invalid 3
Certificate validation 1
Sending mail encounters AuthenticationException (remote certificateis invalid ...) 2
Server certificate validation on client side 0
'Could not establish trust relationship' using a new SSL certificate 2
Unable to call SSL Web Service passing Client Certificate 0
An existing connection was forcibly closed by the remote host 1

Members online

Total: 88 (members: 2, guests: 86)
Robots: 276

Forum statistics

Threads
473,995
Messages
2,570,230
Members
46,819
Latest member
masterdaster

Latest Threads

Top