Reputation: 1032
Disable certification validation on client side of wcf
I have 2 apps running inside IIS - Client and Service. Service running just fine, but client isn't.
They talk to each other thru WCF with message security relaying on certificates (it isn't transport security, it's just message security). Both are using self-signed certificates.
But client ends up with error:
System.IdentityModel.Tokens.SecurityTokenValidationException: The X.509 certificate ... is not in the trusted people store. The X.509 certificate ... chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider
I know how to disable certificate validation on service side and I did it, but how can I disable CA validation on client side?
Upvotes: 5
Views: 23021
Answers (4)
Reputation: 6180
If you are making Request to the server from the client application, call the below lines to avoid certification check before making a service request.
Using this code will bypass SSL validation error due to a self-signed certificate.
System.Net.ServicePointManager.ServerCertificateValidationCallback =
delegate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{ return true; };
Note: Use this for testing purpose only, for actual application use a valid SSL certificate.
Upvotes: 13
Reputation: 61
In code use this:
using System.ServiceModel; // (to ChannelFactory)
using System.IdentityModel;
ConfigChannel = new ChannelFactory<xxxxxx>(binding, endPoint);
ConfigChannel.Credentials.UserName.UserName = _userName;
ConfigChannel.Credentials.UserName.Password = _password;
ConfigChannel.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;
Upvotes: 1
Reputation: 1
If you pace the self-signed certificate in "trusted root Certification Authorities", you can avoid certificate error.
Upvotes: -1
Reputation: 10026
The solution presented by sudhAnsu63 should work for you.
Alternatively, since you are using Message security you could add this to the client configuration file:
<serviceCertificate>
<authentication certificateValidationMode="None" />
</serviceCertificate>
Upvotes: 2
Related Questions
- How do I tell WCF to skip verification of the certificate?
- Custom certificate validation in WCF service
- How to set WCF security to require client certificate?
- WCF Security Authentication with https and validation
- WCF - Disable browser authentication for client app
- WCF net.tcp transport security - how to disable server certificate validation on the client
- Certificate validation failed
- How to disable ASP.NET request validation for WCF service?
- How to force WCF client to send client certificate?
- WCF Client Certificate Authentication