WCF Self signed certificate is not trusted on the client

baileyswalk picture baileyswalk · Jul 2, 2012 · Viewed 11.2k times · Source

I have a WCF service that is ONLY every used between two server machines. It will NEVER be used publicly.

I was hoping I could use SSL with a self signed certificate for security.

I created a certificate using IIS7, installed it on the client machine using IE and the MMC (Personal, TrustedRoot, Third-Party & TrustedPeople).

I still can't get to the service, either from code or via IE8, without it questioning the certificate.

From IE I get the usual "There is a problem with this website's security certificate."

From code I get the error: "Could not establish trust relationship for the SSL/TLS secure channel with authority"

Why is this not working?

Answer

HeatfanJohn picture HeatfanJohn · Jul 2, 2012

Are you sure that your self-signed certification is in the Trusted Root Certification Authorities certificate store on the client machine that will be accessing your WCF service? See the screenshot below of a self-signed certificate that is trusted by one of my Windows Vista machines.

Are you also sure that your certificate is a self-signed certificate. See screenshot at end of one of my self-signed certificates.

enter image description here

enter image description here

enter image description here

Updated information:

Check out this posting for information on how to use a utility called SelfSSL7 to create self-signed certificates that contain multiple host names.

Here's another link with good information on SelfSSL7.exe and download information.