Could not establish secure channel for SSL/TLS with authority '*'

Question

I must consume a PHP webservice which has a SSL certificate. My .net 3.5 Class library references the webservice with 'Add Service references' in Visualstudio 2010 (WCF right?).

When calling the main method of the webservice I receive;

Could not establish secure channel for SSL/TLS with authority '{base_url_of_WS}'.

I tried a lot, like

System.Net.ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(CheckValidationResult); 
 public bool CheckValidationResult(Object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        return true;
    }

But It wouldn't work. Also I have the certificate installed on my own machine.

*Extra info; When I use the wsdl location in 'Add service reference' the same error occurs. Before I tried it, I worked with a static wsdl.

Answer 1

Yes an Untrusted certificate can cause this. Look at the certificate path for the webservice by opening the websservice in a browser and use the browser tools to look at the certificate path. You may need to install one or more intermediate certificates onto the computer calling the webservice. In the browser you may see "Certificate errors" with an option to "Install Certificate" when you investigate further - this could be the certificate you missing.

My particular problem was a Geotrust Geotrust DV SSL CA intermediate certificate missing following an upgrade to their root server in July 2010 https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1422

(2020 update deadlink preserved here: https://web.archive.org/web/20140724085537/https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1422 )