How to use a secure webservice that has an incorrect SSL certificate

By Allen Stoner

If you are using a Third party web service but they have the certificate improperly configured, expired and/or wrong certificate you will need to ignore the error and continue on to the site. This isn't an issue when using the browser, but through VB.NET code it's a little different. The possible error that would be generated is: "Could not establish trust relationship for the SSL/TLS secure channel."

Imports System.Net
Imports System.Net.Security
Imports System.Security.Cryptography.X509Certificates

    ' Added because certificate is for wrong server
    '  This just ignores the certificate error and uses the site
    Private Function ValidateCertificate(ByVal sender As Object, ByVal certificate As X509Certificate, ByVal chain As X509Chain, ByVal sslPolicyErrors As SslPolicyErrors) As Boolean
        'Return True to force the certificate to be accepted.
        Return True
    End Function

'  Then in the class new or form load call set the Callback to the newly create procedure to ignore any errors.
    Public Sub New()
        ' Added because certificate is for wrong server
       ServicePointManager.ServerCertificateValidationCallback = New RemoteCertificateValidationCallback(AddressOf ValidateCertificate)

    End Sub

How to use a secure webservice that has an incorrect SSL certificate  (943 Views)