SSL: server certificate verification failed

When establishing an SSL connection, the server always presents a certificate to the connecting client. The client then checks the system to see if the server certificate is valid (certificate validity dates, certificate CN matches the name of the remote host, certificate issuing authority is trusted, etc). if the certificate is not valid, you'll get the error "server certificate verification failed".

In order to resolve this problem, you can:

  1. Get a Valid Server Certificate installed on the web server.
  2. Accept the certificate programmatically.
  3. Install the public key of the server certificate issuing authority in the trusted CA store of the client machine.

In order to accept the certificate programmatically, you can either:

  1. Set the SSLAcceptServerCert property to the Certificate Type.
  2. Use the SSLServerAuthentication event to examine the server certificate and set the Accept parameter to true.

If you are using our BizTalk adapters or SSIS tasks you may also set the SSLAcceptServerCert property to "ANY" or "ALL" to accept any certificate presented by the server. In version 8 of our products you may also tell the components to accept any certificate by setting the AcceptAnyServerCert configuration setting.

For example: Setting this property to the Encoded Public Key Certificate.

component.SSLAcceptServerCert = new Certificate(CertStoreTypes.cstPublicKeyBlob, "-----BEGIN CERTIFICATE-----MIIDojCCAwugAwIBAgIJAPC...", "", "") //To obtain the encoded certificate you may examine the CertEncoded parameter of the SSLServerAuthentication event

Or in the SSLServerAuthentication event:

e.Accept = true

*Warning* - Accepting non-trusted certificates may cause a potential security risk; though data will be encrypted, the identity of the server will not have been authenticated.

We appreciate your feedback.  If you have any questions, comments, or suggestions about this article please contact our support team at kb@nsoftware.com.