Tip #41: Did you know... establishing a remote connection to a IIS server with self-issued certificate will require a certificate validation delegate?

Either through WMSvc or through your own script, whenever you try to establish a connection with a remote server, which doesn’t provide a trusted certificate you need to provide a delegate for this certificate validation check to validate untrusted certificates.

The signature for this delegate is as follows

Namespace: System.Net.Security
Assembly:   System (in System.dll)

 public delegate bool RemoteCertificateValidationCallback(
    Object sender,
    X509Certificate certificate,
    X509Chain chain,
    SslPolicyErrors sslPolicyErrors
)

Thus, to accept ALL server certificates, you will need to set the callback of ServicePointManager to validate a server certificate in the following manner:

 ServicePointManager.ServerCertificateValidationCallback = RemoteCertificateValidationCallbackFlag;

bool RemoteCertificateValidationCallbackCheck(
    Object sender,
    X509Certificate certificate,
    X509Chain chain,
    SslPolicyErrors sslPolicyErrors
)
{
    return true;
}

For the official MSDN documentation on this delegate refer to RemoteCertificateValidationCallback Delegateand ServicePointManager.ServerCertificateValidationCallback Property

Kateryna Rohonyan
SDET, IIS Team