Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

.NET doesn't trust my self-signed certificate, but IE does?

Tags:

c#

.net

ssl-certificate

self-signed

I've got a self-signed certificate for testing in development. I've added it under the "Trusted Root Certification Authorities" folder in certificate manager, and when visiting the site under IE or Chrome it's accepted as valid (under Firefox it doesn't like the fact it is self-signed).

However, when my C# client tries to connect to call a webservice or to open an SSL socket, it get an exception saying "Could not establish trust relationship for the SSL/TLS secure channel with authority '[server address]'.". And even more annoyingly this doesn't happen when I debug via Visual Studio, it only happens when I try and run it from a test machine which has also had the certificate added to the trusted group.

What criteria is .NET using to validate my certificate?

like image 625
Chris Cooper Avatar asked Jan 28 '11 17:01

Chris Cooper

People also ask

How do you fix the certificate is not trusted because it is self-signed?

You need to import the root certificate into the trust store for the browser. Once the browser knows you trust this root certificate, all certificates signed by this will show up as trusted.

Why is a self-signed SSL certificate not trusted?

Self-signed SSL certificates are not trusted by browsers, because they are generated by your servers, and not validated by trusted CAs, like Cloudflare and Go Daddy.

How do you force a browser to trust a self-signed certificate?

Navigate to the site with the cert you want to trust, and click through the usual warnings for untrusted certificates. In the address bar, right click on the red warning triangle and "Not secure" message and, from the resulting menu, select "Certificate" to show the certificate.

Why is my certificate not trusted?

The certificate not trusted error indicates that the SSL certificate is not signed or approved by a company that the browser trusts. This occurs most often for one of the following reasons: The web site is using a self-signed certificate.

1 Answers

Did you add the certificate as a trusted root authority under the Current User, a specific Service Account or under Local Machine? Most likely you only added the new root authority for the current user only, so any service that runs under a different account will not trust the certificate.

like image 173
Remus Rusanu Avatar answered Oct 19 '22 01:10

Remus Rusanu
Sign in to Comment

Related questions

How do I resolve C# dependencies automatically?
Service reference - why reuse types in referenced assemblies
Using Polly to retry after HttpStatusCode.Unauthorized
Building msbuild 15 project programmatically
Not implemented/supported/invalid operation async method
How to use string interpolation and verbatim string together to create a JSON string literal?
C# project file - Why doesn't it represent what's in my project?
ASP.NET Core Api-Gateway middleware
Blazor WebAssembly Environment Variables
"Handler" pattern?
How to dispose objects having asynchronous methods called?
How to restart my application if Windows Update forces a reboot?
Will multiple Control.BeginInvoke/Invoke calls execute in order?
Realtime Console Output Redirection using Process
Ways to access a 32bit DLL from a 64bit exe
Implementing a Stack using Test-Driven Development
Can T-SQL store ulong's?
algorithm challenge: merging date range
UserPrincipal.FindByIdentity Permissions
Retrieve an object from hashset in C# [duplicate]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!