Archive, ASP.NET

Web Services & Self Signed SSL Certificates

Jason / September 20, 2006

Sometimes you want your web services to use an SSL communications channel, but for one reason or another you cannot use a SSL certificate from a major CA.

Just this past week we had just such a need at work. A coworker of mine was having difficulties making web service calls over SSL when the certificate’s CA could not be trusted by .NET. I had mentioned to him that I had done something similar in the past, and offered my help.

I eventually came up wit this solution:

using System;
using System.Net; //For the ServicePointManager
using System.Security.Cryptography.X509Certificates; //for the X509 certificate
using System.Net.Security; //for RemoteCertificateValidationCallback delegate & SslPolicyErrors

public partial class _Default : System.Web.UI.Page {
protected void Page_Load(object sender, EventArgs e){
= new RemoteCertificateValidationCallback(certExaminer);
public bool certExaminer(object sender, X509Certificate c, X509Chain chain, SslPolicyErrors sllPolicyErrors) {
return true; //true means the certificate is okay to use

read more