WCF: Could not establish trust relationship for the SSL/TLS secure channel with authority 'dev.xxxxx.com'

Question

I have a WCF webservice application. built another .net app to consume the wcf webservice.

I kept getting this error message. " Could not establish trust relationship for the SSL/TLS secure channel with authority 'dev.xxxxx.com'."

I googled it and tried a few different solutions, still not able to get it fixed.

WCF service config:

  <system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <!-- To avoid disclosing metadata information, set the values below to false before deployment -->
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <protocolMapping>
      <add binding="basicHttpsBinding" scheme="https" />
    </protocolMapping>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
    <bindings>
      <basicHttpBinding>
        <binding maxBufferSize="104857600" maxReceivedMessageSize="104857600"  sendTimeout="00:10:00">
        </binding>
      </basicHttpBinding>
    </bindings>

  </system.serviceModel>
  <system.webServer>

Client config:

  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpsBinding_IIRSvc">
          <security mode="Transport">
            <transport clientCredentialType="None"
                proxyCredentialType="None"
                realm="" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="https://dev.xxxxx.com/IRSvc.svc"
        binding="basicHttpBinding" bindingConfiguration="BasicHttpsBinding_IIRSvc"
        contract="irsvc.IIRSvc" name="BasicHttpsBinding_IIRSvc" />
    </client>
  </system.serviceModel>

Please show the server config for the endpoint – DeanOC May 31 '18 at 19:09 — DeanOC, May 31 '18 at 19:09
thats pretty much all i have in hte config file. – qinking126 May 31 '18 at 19:19 — qinking126, May 31 '18 at 19:19

score 1 · Answer 1 · answered May 31 '18 at 23:17

I'm not sure what the config for the service should look like, but if i compare the 2 configs. I see a SecurityMode 'transport' in the client.config but i don't see any security mode in the service. The default security mode is 'None' so maybe that's a mismatch.

score 0 · Answer 2 · answered Mar 12 '21 at 16:14

It could also be that your certificates CA Root certificate is not present in Trusted Root Certification Authorities. Start mmc.exe then go to:

File -> Add or Remove Snap-ins -> Certificates -> Add -> Computer account -> Local computer. Click Finish.

Check if your HTTPS CA Root certificate certificate is present in Trusted Root Certification Authorities or else copy it there.

Example error from certificate:

This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store.

More info here:

https://stackoverflow.com/a/48790088/3850405

WCF: Could not establish trust relationship for the SSL/TLS secure channel with authority 'dev.xxxxx.com'

2 Answers2