Answered by:
DataSvcUtil Error 7100 - Could not establish trust relationship for the SSL/TLS secure channel

Question
-
Hi,
I am attempting generate a client data service class (MSDN) in order to connect to my OData service via...
C:\Windows\Microsoft.NET\Framework\v4.0.30319>DataSvcUtil.exe /uri:https://server/odataservice.svc /DataServiceCollection /Version:2.0 /out:ServiceEntities.cs
however I get the error..
error 7001: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. The remote certificate is invalid according to the validation procedure.
Have I not configured SSL correctly in IIS? All I've done is create a self-signed certificate called server then added it to the service's site binding (using default 443 port) and removed the default HTTP binding.
Cheers
Monday, July 4, 2011 8:33 AM
Answers
-
It seems in order for SSL to work, I need to buy a certificate. Apparently using a self-signed certificate will not get the job done (I'm new to SSL lol)
For now I'll use a http binding which seems to have fixed the problem.
- Marked as answer by Bocky25 Tuesday, July 5, 2011 4:43 AM
Tuesday, July 5, 2011 12:19 AM
All replies
-
Can you navigate to https://server/odataservice.svc/$metadata from your browser and see if it returns something?
If it doesn't then the DataSvcUtil won't work.
Thanks,
Vitek Karas [MSFT]Monday, July 4, 2011 9:04 AMModerator -
Yep that works - returns appropriate metadata.
Still experiencing same issue
Monday, July 4, 2011 9:52 AM -
You could try HTTP tracing (for example fiddler) to see the request the utility makes and the exact response from the server.
Vitek Karas [MSFT]Monday, July 4, 2011 11:37 AMModerator -
OK so when I run the command with Fiddler open, I get a popup (in Fiddler) saying...
Session #2: The remote server (server) presented a certificate that did not validate, due to RemoteCertificateNameMismatch, RemoteCertificateChainErrors.
SUBJECT: CN=WMSvc-SERVER
ISSUER: CN=WMSvc-SERVER
EXPIRES: 30/05/2021
Ignore errors and proceed anyway? (Yes/No)
When I select No, I get
error 7001: The remote server returned an error: (502) Bad Gateway
When I select Yes, the class file generates successfully.
If I close fiddler and re-run the command, I get the same original error (fiddler needs to be open in order to generate class file :S )
Any ideas?
Thank you
Monday, July 4, 2011 12:27 PM -
It seems in order for SSL to work, I need to buy a certificate. Apparently using a self-signed certificate will not get the job done (I'm new to SSL lol)
For now I'll use a http binding which seems to have fixed the problem.
- Marked as answer by Bocky25 Tuesday, July 5, 2011 4:43 AM
Tuesday, July 5, 2011 12:19 AM