none
WCF returned "The remote certificate is invalid according to the validation procedure." RRS feed

  • Question

  • Hello All,

    I have tried a small WCF Service library hosting in a IIS of an IP and accessing the same with other IP via a WPF application. The Service should has Certificate, I created and added one, But Still Im facing "The remote certificate is invalid according to the validation procedure." error

    MY WEB.Config as follows,

              

    <?xml version="1.0"?>
    <configuration>

      <appSettings>
        <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
      </appSettings>
      <system.web>
        <compilation debug="true" targetFramework="4.0" />
        <httpRuntime targetFramework="4.0"/>
      </system.web>
      <system.serviceModel>
        <services>
          <service name="TestServiceLibrary.ProductService">
            <endpoint address="" binding="basicHttpBinding" contract="TestServiceLibrary.IProductService" bindingConfiguration="secureHttpBinding">
              <identity>
                <dns value="localhost" />
              </identity>
            </endpoint>
            <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
          </service>
        </services>

        <behaviors>
          <serviceBehaviors>
            <behavior>
              <!-- To avoid disclosing metadata information, set the values below to false before deployment -->
              <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" httpsGetBinding="customBinding" httpsGetBindingConfiguration="wsdlBinding"/>
              <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
              <serviceDebug includeExceptionDetailInFaults="false"/>
            </behavior>
          </serviceBehaviors>
        </behaviors>

        <serviceHostingEnvironment aspNetCompatibilityEnabled="false" multipleSiteBindingsEnabled="true" />

    <bindings>  
          <basicHttpBinding>  
            <binding name="secureHttpBinding">  
              <security mode="Transport">  
                <transport clientCredentialType="Certificate"/>  
              </security>  
            </binding>  
          </basicHttpBinding>
    <customBinding>
        <binding name="wsdlBinding">
          <textMessageEncoding messageVersion="None" />
          <httpsTransport requireClientCertificate="true" />
        </binding>
      </customBinding>
    </bindings>

      </system.serviceModel>
      <system.webServer>
        <modules runAllManagedModulesForAllRequests="true"/>
        <!--
            To browse web app root directory during debugging, set the value below to true.
            Set to false before deployment to avoid disclosing web app folder information.
          -->
        <directoryBrowse enabled="true"/>
      </system.webServer>

    </configuration>

    I created the certificate and added via MMC as "Trusted Root Certification Authorities" but still Im facing the error. I have stamped my head to break it from last 2 days. Im seeking high priority help here. Thanks- Karthikeyan Manickam

    Friday, July 20, 2018 11:20 AM

All replies

  • Hello All,

    I have tried a small WCF Service library hosting in a IIS of an IP and accessing the same with other IP via a WPF application. The Service should has Certificate, I created and added one, But Still Im facing "The remote certificate is invalid according to the validation procedure." error

    MY WEB.Config as follows,

              

    <?xml version="1.0"?>
    <configuration>

      <appSettings>
        <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
      </appSettings>
      <system.web>
        <compilation debug="true" targetFramework="4.0" />
        <httpRuntime targetFramework="4.0"/>
      </system.web>
      <system.serviceModel>
        <services>
          <service name="TestServiceLibrary.ProductService">
            <endpoint address="" binding="basicHttpBinding" contract="TestServiceLibrary.IProductService" bindingConfiguration="secureHttpBinding">
              <identity>
                <dns value="localhost" />
              </identity>
            </endpoint>
            <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
          </service>
        </services>

        <behaviors>
          <serviceBehaviors>
            <behavior>
              <!-- To avoid disclosing metadata information, set the values below to false before deployment -->
              <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" httpsGetBinding="customBinding" httpsGetBindingConfiguration="wsdlBinding"/>
              <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
              <serviceDebug includeExceptionDetailInFaults="false"/>
            </behavior>
          </serviceBehaviors>
        </behaviors>

        <serviceHostingEnvironment aspNetCompatibilityEnabled="false" multipleSiteBindingsEnabled="true" />

    <bindings>  
          <basicHttpBinding>  
            <binding name="secureHttpBinding">  
              <security mode="Transport">  
                <transport clientCredentialType="Certificate"/>  
              </security>  
            </binding>  
          </basicHttpBinding>
    <customBinding>
        <binding name="wsdlBinding">
          <textMessageEncoding messageVersion="None" />
          <httpsTransport requireClientCertificate="true" />
        </binding>
      </customBinding>
    </bindings>

      </system.serviceModel>
      <system.webServer>
        <modules runAllManagedModulesForAllRequests="true"/>
        <!--
            To browse web app root directory during debugging, set the value below to true.
            Set to false before deployment to avoid disclosing web app folder information.
          -->
        <directoryBrowse enabled="true"/>
      </system.webServer>

    </configuration>

    I created the certificate and added via MMC as "Trusted Root Certification Authorities" but still Im facing the error. I have stamped my head to break it from last 2 days. Im seeking high priority help here. Thanks- Karthikeyan Manickam

    Friday, July 20, 2018 11:16 AM
  • Hi Karthi,

    When did you get this error, accessing the wsdl address or send request from client proxy?

    Have you configure the certificate at the client side?

    For this error, it is usually caused when community with client and server with transport. I suggest you try

    ServicePointManager.ServerCertificateValidationCallback +=
            EasyCertCheck;
    
     bool EasyCertCheck(object sender, X509Certificate cert,
       X509Chain chain, System.Net.Security.SslPolicyErrors error)
        {
            return true;
        }

    Best Regards,

    Tao Zhou


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Monday, July 23, 2018 9:56 AM