Click here to Skip to main content
15,844,387 members
Please Sign up or sign in to vote.
3.00/5 (1 vote)
I have a windows service which periodically connects remote web service method and passes the required parameters. This system was working perfect.

But for the live system, we needed to install and use client SSL certificate to call that remote web service method. Now, the windows servce returns the error below.

identity check failed for outgoing message. The expected DNS identity of the remote endpoint was '' but the remote endpoint provided DNS claim 'TURSIGN'. If this is a legitimate remote endpoint, you can fix the problem by explicitly specifying DNS identity 'TURSIGN' as the Identity property of EndpointAddress when creating channel proxy.

If I put TURSIGN as the identity like suggested, I receive the error;

Could not establish secure channel for SSL/TLS with authority ''.

How can I resolve this problem?

Mike Meinz 1-May-13 12:42pm    
I suggest that you have someone thoroughly check the DNS entries for I used NSLOOKUP to get the IP Address ( and then tried a Reverse DNS lookup using one of the public web pages that provide Reverse DNS Lookup service and got server can't find error. Furthermore, if I use NSLOOKUP option set q=any, I get an error: Non-existent domain for
vucark 1-May-13 13:14pm    
Hi Mike.
The correct DNS address was and the web service WSDL url
Mike Meinz 1-May-13 13:41pm    
NSLOOKUP results shows that is the actual server name for the server at IP Address is an alias.

> set q=any

Non-authoritative answer: canonical name =

Results resolves to

When accessing the web service, I got an error that said the certificate was not issued by a trusted certificate authority. Maybe there is a problem with the certificate. If you want to use SSL over the Internet, you should probably acquire a SSL certificate from one of the trusted authorities.
vucark 1-May-13 14:14pm    
Hi Mike,

This certificate is self signed. We got the signed certificate that they sent us. We have already installed that certificate. What do we need to do to make this client certificate trusted?
Mike Meinz 1-May-13 14:29pm    
If you are creating your own certificate, you must also create a certificate authority certificate and install that on every computer that will access your web site. Part of this CodeProject Tip may help you create the certificate authority certificate - How to be your own Certificate Authority and create your own certificate to sign code files

Almost everyone uses a trusted certificate authority because of the requirement that the certificate authority certificate must be on every PC that will access your web site.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900