Invalid Digital Certificate
https://stackoverflow.com/questions/714308
-
23-08-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm attempting to add SSL to my server for sending customer details to a client.
It appears to be working on the Server side with the digital certificate (.pfx) being loaded succesfully.
The problem comes when I try to connect with the client. An AuthenticationException is thrown stating that the remote certificate is invalid. The certificate is a self-signed test certificate - could this be the problem?
If not, I'm out of ideas!
EDIT: The certificate is in the trusted root certificate folder in the MMC on both sides (server and client are being run on the same machine for devel purposes).
Solution
I've had to override the validation method:
public static bool RemoteCertificateValidationCallback(Object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
return true;
}
Obviously this will accept every certificate that is passed to it so I'll need to check using the hash of the certificate or something similar. However, right now it's holiday time!
OTHER TIPS
That could most definitely be the problem. Have you tried adding that web server to your trusted Root Certificates on the client? If the client does not trust the certificate provider (your web server, since self-signed), it will throw exception when attempting to authenticate the certificate.
How did you generate the certificate?
By default makecert.exe will generate a certificate that is not suitable for use ssl authentication.
Use the "-sky exhange" option to generate a suitable one.
makecert -n "CN=Client" -pe -ss My -sr CurrentUser -sky exchange client.cer makecert -n "CN=Host" -pe -ss My -sr LocalMachine -sky exchange host.cer
