locked
BizTalk send port calling a https web service - Could not establish trust relationship for the SSL/TLS secure channel with authority RRS feed

  • Question

  • Hi,

    I have a BizTalk send port calling a web service ( deployed on IIS, with SSL and certificate attached ).

    Adapter of the send port ( wcf-basichttp).

    The following error is reported :

    It will be retransmitted after the retry interval specified for this Send Port. Details:"System.ServiceModel.Security.SecurityNegotiationException: Could not establish trust relationship for the SSL/TLS secure channel with authority  . ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

    The send port details are as follows :

    Certificate info is applied at the send port

    The certificates are imported in all the certificate stores on the local computer.

    What can be wrong.

    Regards,

    Monday, March 18, 2019 2:40 PM

All replies

  • Monday, March 18, 2019 2:41 PM
  • The issue is with the certificate on the remote server, not the Client Certificate.

    Browse to the server where you are trying to connect to as the BizTalk host, it will probably warn you that the site is not trusted.  Browse to it anyway and look at the certificate they are using.  It either will be expired (in which case they need to update it) or there will be a trust issue with the issues, in which case you need to install the appropriate public certificate in Trusted Root in your certificate store. 

    The Client Certificate should be one where you own it, e.g. have the private key for, and it will use it to sign the outbound messages.

    • Proposed as answer by Leo Erlandsson Tuesday, March 19, 2019 9:05 AM
    Monday, March 18, 2019 9:05 PM