X.509 Chain Building Failed when connecting to the AppFabric

Question

Writing a test application for my AppFabric-based library, I started getting a strange exception.

The X.509 certificate CN=servicebus.appfabriclabs.com chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. The revocation function was unable to check revocation because the revocation server was offline.

I've tried with next configuration with no success

<behaviors>
 <endpointBehaviors>
  <behavior name="SecureMessageUserName">
   <clientCredentials>
     <serviceCertificate>
        <authentication revocationMode="NoCheck"/>
     </serviceCertificate>
   </clientCredentials>
  </behavior>
 </endpointBehaviors>
</behaviors>

and also with ServicePointManager.CheckCertificateRevocationList set to false with no success.

Answer 1

Surprisingly, I had the same problem not so long ago. I contacted the AppFabric team, and they confirmed nothing was wrong with the actual certificate.

After a lot of scouting around, I considered clearing the CRL, because it gets cached. I finally found the answer in a comment in a blog post.

This worked for me:

• Close Visual Studio and make sure all instances & processes related to your test applications are closed
• Open CMD with elevated priviliges, and type certutil -urlcache * delete
• I restarted the PC for good measure, but it's not necessary

Interestingly enough, this does not appear to be an AppFabric issue but something on the Windows machines. Let me know if it works.