locked
DataSvcUtil Error 7100 - Could not establish trust relationship for the SSL/TLS secure channel RRS feed

  • Question

  • Hi,

    I am attempting generate a client data service class (MSDN) in order to connect to my OData service via...

     

    C:\Windows\Microsoft.NET\Framework\v4.0.30319>DataSvcUtil.exe /uri:https://server/odataservice.svc /DataServiceCollection /Version:2.0 /out:ServiceEntities.cs

    however I get the error..

    error 7001: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. The remote certificate is invalid according to the validation procedure.

     

    Have I not configured SSL correctly in IIS? All I've done is create a self-signed certificate called server then added it to the service's site binding (using default 443 port) and removed the default HTTP binding.

     

    Cheers

     

    Monday, July 4, 2011 8:33 AM

Answers

  • It seems in order for SSL to work, I need to buy a certificate. Apparently using a self-signed certificate will not get the job done (I'm new to SSL lol)

    For now I'll use a http binding which seems to have fixed the problem.


    • Marked as answer by Bocky25 Tuesday, July 5, 2011 4:43 AM
    Tuesday, July 5, 2011 12:19 AM

All replies

  • Can you navigate to https://server/odataservice.svc/$metadata from your browser and see if it returns something?

    If it doesn't then the DataSvcUtil won't work.

    Thanks,


    Vitek Karas [MSFT]
    Monday, July 4, 2011 9:04 AM
    Moderator
  • Yep that works - returns appropriate metadata.

     

    Still experiencing same issue

    Monday, July 4, 2011 9:52 AM
  • You could try HTTP tracing (for example fiddler) to see the request the utility makes and the exact response from the server.
    Vitek Karas [MSFT]
    Monday, July 4, 2011 11:37 AM
    Moderator
  • OK so when I run the command with Fiddler open, I get a popup (in Fiddler) saying...

     

    Session #2: The remote server (server) presented a certificate that did not validate, due to RemoteCertificateNameMismatch, RemoteCertificateChainErrors.

    SUBJECT: CN=WMSvc-SERVER

    ISSUER: CN=WMSvc-SERVER

    EXPIRES: 30/05/2021

    Ignore errors and proceed anyway? (Yes/No)

     

    When I select No, I get

    error 7001: The remote server returned an error: (502) Bad Gateway

     

    When I select Yes, the class file generates successfully.

    If I close fiddler and re-run the command, I get the same original error (fiddler needs to be open in order to generate class file :S )

     

    Any ideas?

    Thank you

    Monday, July 4, 2011 12:27 PM
  • It seems in order for SSL to work, I need to buy a certificate. Apparently using a self-signed certificate will not get the job done (I'm new to SSL lol)

    For now I'll use a http binding which seems to have fixed the problem.


    • Marked as answer by Bocky25 Tuesday, July 5, 2011 4:43 AM
    Tuesday, July 5, 2011 12:19 AM