Click here to Skip to main content
13,045,285 members (55,685 online)
Rate this:
Please Sign up or sign in to vote.

I have a windows service which periodically connects remote web service method and passes the required parameters. This system was working perfect.

But for the live system, we needed to install and use client SSL certificate to call that remote web service method. Now, the windows servce returns the error below.

identity check failed for outgoing message. The expected DNS identity of the remote endpoint was '' but the remote endpoint provided DNS claim 'TURSIGN'. If this is a legitimate remote endpoint, you can fix the problem by explicitly specifying DNS identity 'TURSIGN' as the Identity property of EndpointAddress when creating channel proxy.

If I put TURSIGN as the identity like suggested, I receive the error;

Could not establish secure channel for SSL/TLS with authority ''.

How can I resolve this problem?

Posted 1-May-13 3:18am
Mike Meinz 1-May-13 12:42pm
I suggest that you have someone thoroughly check the DNS entries for I used NSLOOKUP to get the IP Address ( and then tried a Reverse DNS lookup using one of the public web pages that provide Reverse DNS Lookup service and got server can't find error. Furthermore, if I use NSLOOKUP option set q=any, I get an error: Non-existent domain for
vucark 1-May-13 13:14pm
Hi Mike.
The correct DNS address was and the web service WSDL url
Mike Meinz 1-May-13 13:41pm
NSLOOKUP results shows that is the actual server name for the server at IP Address is an alias.

> set q=any

Non-authoritative answer: canonical name =

Results resolves to

When accessing the web service, I got an error that said the certificate was not issued by a trusted certificate authority. Maybe there is a problem with the certificate. If you want to use SSL over the Internet, you should probably acquire a SSL certificate from one of the trusted authorities.
vucark 1-May-13 14:14pm
Hi Mike,

This certificate is self signed. We got the signed certificate that they sent us. We have already installed that certificate. What do we need to do to make this client certificate trusted?
Mike Meinz 1-May-13 14:29pm
If you are creating your own certificate, you must also create a certificate authority certificate and install that on every computer that will access your web site. Part of this CodeProject Tip may help you create the certificate authority certificate - How to be your own Certificate Authority and create your own certificate to sign code files

Almost everyone uses a trusted certificate authority because of the requirement that the certificate authority certificate must be on every PC that will access your web site.
vucark 1-May-13 15:41pm
They gave us the required CA certificates and they have already installed also. But we still receive the same error.
Mike Meinz 1-May-13 16:47pm
Sorry. I can offer no additional help.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

Advertise | Privacy | Mobile
Web02 | 2.8.170713.1 | Last Updated 1 May 2013
Copyright © CodeProject, 1999-2017
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100