Could not establish secure channel for SSL TLS with authority

Question

I must consume a PHP webservice which has a SSL certificate  My  net 3 5 Class library references the webservice with  Add Service references  in Visualstudio 2010  WCF right     When calling the main method of the webservice I receive   Could not establish secure channel for SSL TLS with authority   base url of WS     I tried a lot  like   System Net ServicePointManager ServerCertificateValidationCallback   new RemoteCertificateValidationCallback CheckValidationResult     public bool CheckValidationResult Object sender  X509Certificate certificate  X509Chain chain  SslPolicyErrors sslPolicyErrors                return true          But It wouldn t work  Also I have the certificate installed on my own machine    Extra info  When I use the wsdl location in  Add service reference  the same error occurs  Before I tried it  I worked with a static wsdl

User · Answer

In case it helps anyone else  using the new  Microsoft Web Service Reference Provider tool  which is for  NET Standard and  NET Core  I had to add the following lines to the binding definition as below   binding Security Mode   BasicHttpSecurityMode Transport  binding Security Transport   new HttpTransportSecurity ClientCredentialType   HttpClientCredentialType Certificate     This is effectively the same as Micha s answer but in code as there is no config file   So to incorporate the binding with the instantiation of the web service I did this    System ServiceModel BasicHttpBinding binding   new System ServiceModel BasicHttpBinding     binding Security Mode   System ServiceModel BasicHttpSecurityMode Transport   binding Security Transport ClientCredentialType   System ServiceModel HttpClientCredentialType Certificate   var client   new WebServiceClient binding  GetWebServiceEndpointAddress       Where WebServiceClient is the proper name of your web service as you defined it

User · Answer

Ensure you run Visual Studio as an administrator

User · Answer

This was exact the problem I was facing  At some other article I got a hint to change the configuration  For me this works    lt bindings gt     lt basicHttpBinding gt       lt binding name  xxxBinding  gt         lt security mode  Transport  gt           lt transport clientCredentialType  Certificate   gt         lt  security gt       lt  binding gt     lt  basicHttpBinding gt   lt  bindings gt

User · Answer

Problem I was running into the same error message while calling a third party API from my ASP NET Core MVC project   Could not establish secure channel for SSL TLS with authority   base url of WS     Solution It turned out that the third party API s server required TLS 1 2  To resolve this issue  I added the following line of code to my controller s constructor  System Net ServicePointManager SecurityProtocol   System Net SecurityProtocolType Tls12

User · Answer

Yes an Untrusted certificate can cause this   Look at the certificate path for the webservice by opening the websservice in a browser and use the browser tools to look at the certificate path   You may need to install one or more intermediate certificates onto the computer calling the webservice   In the browser you may see  quot Certificate errors quot  with an option to  quot Install Certificate quot  when you investigate further - this could be the certificate you missing  My particular problem was a Geotrust Geotrust DV SSL CA intermediate certificate missing following an upgrade to their root server in July 2010 https   knowledge geotrust com support knowledge-base index page content amp id AR1422  2020 update deadlink preserved here  https   web archive org web 20140724085537 https   knowledge geotrust com support knowledge-base index page content amp id AR1422

User · Answer

We had this issue on a new webserver from  aspx pages calling a webservice   We had not given permission to the app pool user to the machine certificate   The issue was fixed after we granted permission to the app pool user

User · Answer

Had same error with code   X509Certificate2 mycert   new X509Certificate2   C  certificate crt      Solved by adding password   X509Certificate2 mycert   new X509Certificate2   C  certificate crt    password

User · Answer

This error can occur for lots of reasons  and the last time  I solved it by modifying the Reference svcmap file  and changing how the WSDL file is referenced   Throwing exception    lt MetadataSource Address  C  Users Me Repo Service wsdl  Protocol  file  SourceId  1    gt   lt MetadataFile FileName  Service wsdl      SourceUrl  file    C  Users Me Repo Service wsdl    gt    Working fine    lt MetadataSource Address  https   server domain path Service wsdl  Protocol  http  SourceId  1    gt   lt MetadataFile FileName  Service wsdl      SourceUrl  https   server domain path Service wsdl    gt    This seems weird  but I have reproduced it  This was in a console application on  NET 4 5 and 4 7  as well as a  NET WebAPI site on 4 7

User · Answer

Here is what fixed for me   1  Make sure you are running Visual Studio as Administrator  2  Install and run winhttpcertcfg exe to grant access  https   msdn microsoft com en-us library windows desktop aa384088 v vs 85  aspx  The command is similar to below   enter your certificate subject and service name   winhttpcertcfg -g -c LOCAL MACHINE MY -s  certificate subject  -a  NetworkService  winhttpcertcfg -g -c LOCAL MACHINE MY -s  certificate subject  -a  LOCAL SERVICE  winhttpcertcfg -g -c LOCAL MACHINE MY -s  certificate subject  -a  My Apps Service Account

[.net] Could not establish secure channel for SSL/TLS with authority '*'

Examples related to .net

Examples related to wcf

Examples related to web-services

Examples related to ssl

Examples related to https