The remote certificate is invalid according to the validation procedure


  • Hi!

    First off all I'm not sure if this is the right forum to ask this question but I'll give it a go, hope it's ok.

    Anyways, I'm coding a ASP.NET  (in C#) web app running in IIS 5.1 but when I try to open a link using:
    "System.IO.StreamReader Reader = new System.IO.StreamReader( new System.Net.WebClient().OpenRead(url)); " I get the following error: "The remote certificate is invalid according to the validation procedure". The url is pointing to https://localhost:443/. I have generated a self-signed certificate and imported it to IIS 5.1. If I add a trace logger (System.Diagnostics.TextWriterTraceListener for System.Net) then I get the following error message:
    "System.Net Information: 0 : [5556] SecureChannel#10852974 - Remote certificate has errors:
    System.Net Information: 0 : [5556] SecureChannel#10852974 -     Unknown error.
    System.Net Information: 0 : [5556] SecureChannel#10852974 - Remote certificate was verified as invalid by the user."

    It works fine when I try to access to url from a web browser such as Firefox or IE (a message pops up where I have to choose to accept the certificate) and it's only when I try to open it using WebClient().OpenRead(url) when this error occurs. I have followed the instructions on on how to create a self signed certificate for IIS and I don't think there's anything wrong with the certificate itself.
    Another thing is that I've added the selfsigned IIS certificate to .keystore and cacerts so that applications in running in Tomcat 5.0.28 can call my IIS app in a similar manner. That works without any problems.

    Another thing that I'd like to know is how come I can open WebClient().OpenRead(urlToAservletOnTomcat)? I would expect a similar error in this case but it works perfectly. Tomcat also uses a self-signed certificate (thus generated by the java keytool). How come my ASP.NET web app implicitly trust the tomcat certificate and not the IIS certificate?

    All responses are more than welcome!

    Thanks in advance,

    Tuesday, February 28, 2006 11:30 AM

All replies

  • In Vista:

    Retrieve the required certificate and
    • Open > Start > Run> MMC > File > certmgr.msc
    • Install required certificate in Trusted Root Certification Authorities (Right Click > All Tasks > Import...)

    Thursday, October 04, 2007 6:43 PM