Tags: asp.net, vb.net, ssl, webservice-client

Calling a webservice "The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel"


There are many versions of this question on stackoverflow. I have tried a lot of the solutions suggested there - but none of these work for me.

I have a VB ASP.NET application running on IIS on Windows Server 2008. It calls a webservice. The Server running the Web Service has a self signed certificate. I have imported the Cert into the Trust Store of the IIS machine. I can see the certificate in IE->Options->Content->Certificates->Trusted Root Certification Authorities.

When the webservice is called, an exception is thrown

The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

The same IIS VB ASP.NET Application runs fine on another machine with a similar setup.

These are the basic things I have checked:

  • The URL used to call the webservice is the same as the CN on the Cert imported into the Trusted Root CA.
  • Time is synced between the calling machine and the webservice host
  • The Cert isn't expired.
  • The IIS machine has proxy settings in IIS, but the webservice host machine has been added to the list of exceptions where the proxy should not be used.

I wrote a small command line test program in VB.NET calling the same webservice which runs fine.

After importing the Cert into the Trusted CA store, I have done an iisreset.

The only thing I haven't tried yet is rebooting the IIS machine - this is a production machine & I cannot reboot it for at least a couple of days.

What else can I try?


Solution

  • Internet Explorer certificate settings apply only to the current user. It's highly unlikely that the same user you're logged in as when operating IE is the same as the one being used to host the IIS application. You could add the certificate to the trusted certs for the appropriate service account, but a simpler approach would be to add it to the "Local Computer" trusted certs.

    Run Microsoft Management Console (type "mmc" in the Run dialog): File > Add / Remove Snap-Ins > Certificates, and choose "Computer account" for the certificates to manage. This way, any user or service account on the server will see the certificate as trusted.

    Alternatively, depending on how you're accessing the web-service, you could add an exception within the application itself. I would recommend code that checks the thumbprint / hash of the certificate though, as opposed to allowing it to connect to any un-trusted certificate.
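The two approaches in the answer above (trusting the certificate machine-wide, or pinning it inside the application by thumbprint rather than accepting any untrusted certificate) can be combined in a VB.NET application like the one in the question. The following is an added example, not code from the question or the answer: `IsTrustedByMachineStore` checks whether a certificate with a given thumbprint is already in the computer's Trusted Root store (the store the IIS application pool account consults), and `ValidatePinnedCertificate` is a `ServicePointManager` callback that keeps the normal Windows chain validation and additionally accepts exactly one pinned self-signed certificate. `ExpectedThumbprint` is a placeholder value; it must be replaced with the SHA-1 thumbprint from the certificate's Details tab.

```vb
' Added example (not from the question or the answer above).
' Assumption: ExpectedThumbprint is a placeholder; replace it with the real
' thumbprint of the web service's self-signed certificate (hex, no spaces).
Imports System
Imports System.Net
Imports System.Net.Security
Imports System.Security.Cryptography.X509Certificates

Public Module PinnedServiceCertificate

    ' Placeholder thumbprint of the web service certificate.
    Private Const ExpectedThumbprint As String = "0000000000000000000000000000000000000000"

    ' True if a certificate with this thumbprint is in the machine-wide
    ' Trusted Root store (Local Computer > Trusted Root Certification Authorities).
    ' IIS worker processes use this store, not the current user's IE store.
    Public Function IsTrustedByMachineStore(thumbprint As String) As Boolean
        Dim store As New X509Store(StoreName.Root, StoreLocation.LocalMachine)
        store.Open(OpenFlags.ReadOnly)
        Try
            Dim found As X509Certificate2Collection =
                store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, validOnly:=False)
            Return found.Count > 0
        Finally
            store.Close()
        End Try
    End Function

    ' Certificate validation callback: accept a certificate the Windows chain
    ' already trusts, or the single pinned certificate. Everything else fails.
    Public Function ValidatePinnedCertificate(sender As Object,
                                             certificate As X509Certificate,
                                             chain As X509Chain,
                                             sslPolicyErrors As SslPolicyErrors) As Boolean
        ' Normal case: chain and host name validated by Windows.
        If sslPolicyErrors = SslPolicyErrors.None Then Return True

        ' Only tolerate an untrusted chain (the self-signed case). A host name
        ' mismatch or a missing certificate is still rejected.
        If sslPolicyErrors <> SslPolicyErrors.RemoteCertificateChainErrors Then Return False

        ' Compare the presented certificate's thumbprint with the pinned one.
        Dim presented As New X509Certificate2(certificate)
        Return String.Equals(presented.Thumbprint, ExpectedThumbprint,
                             StringComparison.OrdinalIgnoreCase)
    End Function

    ' ServicePointManager settings are process-wide; call once at startup
    ' (for an ASP.NET application, Application_Start in Global.asax).
    Public Sub Install()
        ServicePointManager.ServerCertificateValidationCallback =
            AddressOf ValidatePinnedCertificate
    End Sub

End Module
```

Calling `IsTrustedByMachineStore(ExpectedThumbprint)` from the IIS application (for example, logged at startup) distinguishes the "imported into the wrong store" situation described in the answer from a genuine certificate problem, because it reads the same store the worker process uses. The callback deliberately checks `sslPolicyErrors` before the thumbprint, so a certificate whose host name does not match the URL is refused even if its thumbprint is the pinned one.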