IdentityServer: The remote certificate is invalid according to the validation procedure

Question

I'm trying to setup SSO using OWin and Thinktecture Identity Server but I am not having any luck getting the SSL certificate to work. At least I think that's the problem. All works fine when I'm in visual studio, but if I try to use IIS on my machine it gives me the error "The remote certificate is invalid according to the validation procedure". I've also tried using IIS as the client treat the instance running in visual studio as the token authority but I still get the same error. Anyone have any ideas on what I'm doing wrong?

Answer 1

In my case I was just trying to work through the samples (for ID3v2) and getting the cert errors running locally. Since some samples even do self hosting via owin I'm not even sure where it's getting the certs for host side??

Anyway my fix was to copy the cert to the Trusted Root:

1. Windows => Start => run MMC.EXE
2. File=> "Add/Remove Snap-In..." => Certificates
3. Use Computer Account => Local computer => Finish => Ok
4. Go under Personal / Certificates
5. Right click "localhost", Select Copy
6. Paste to "Trusted Root Certificate Authorities"

Done. Enjoy.

Answer 2

After spending a lot of time for me the solution was pretty simple

I just opened the Certmgr.msc ---> deleted the localhost certificate from the Trusted Root certification authorities.

Then opened my solution (after I had run the identity sever) clicked run the visual studio asked fro me if I want generate new certificate to iis express (ssl), I had clicked yes and then it started to work properly:)