I created self signed certificate for test purposes. I used this post: SSLStream example - how do I get certificates that work? I use code on client like this.
AuthenticateAsClient("testName", null, SslProtocols.Default, false);
and on server:
BeginAuthenticateAsServer(certificate, false, SslProtocols.Default, false, EndAuthenticate, obj);
If I start on same machine where certificate it's ok. But when I move client on other machine I get RemoteCertificateChainErrors.
Does somebody know should I use some "real" certificate or I should add some options to my current?
PS: Cer has All application policies, All issuance policies Pfx has All application policies
It should work from other machine too. Things to check:
AuthenticateAsClient() - in your example "testName") equal to CN in subject of server certificate?UPDATE: It should work from other machine too, but you have to import your self-signed root CA cert to its Trusted Root Certification Authorities store. Your custom CA certificate is not trusted by default on the client. If you order certificate from trusted CA, you do not have to import anything on the client because their CAs are already there. Trusted CA do some checks (if you are an owner of the domain etc.) before they issue the SSL certificate to you.