Share via

Tip #41: Did you know... establishing a remote connection to a IIS server with self-issued certificate will require a certificate validation delegate?

Either through WMSvc or through your own script, whenever you try to establish a connection with a remote server, which doesn’t provide a trusted certificate you need to provide a delegate for this certificate validation check to validate untrusted certificates.

The signature for this delegate is as follows

Namespace: System.Net.Security
Assembly:   System (in System.dll)

 public delegate bool RemoteCertificateValidationCallback(
    Object sender,
    X509Certificate certificate,
    X509Chain chain,
    SslPolicyErrors sslPolicyErrors

Thus, to accept ALL server certificates, you will need to set the callback of ServicePointManager to validate a server certificate in the following manner:

 ServicePointManager.ServerCertificateValidationCallback = RemoteCertificateValidationCallbackFlag;

bool RemoteCertificateValidationCallbackCheck(
    Object sender,
    X509Certificate certificate,
    X509Chain chain,
    SslPolicyErrors sslPolicyErrors
    return true;

For the official MSDN documentation on this delegate refer to RemoteCertificateValidationCallback Delegateand ServicePointManager.ServerCertificateValidationCallback Property

Kateryna Rohonyan