I am currently developing two web services which use mutual authentication with X.509 certificates. This works perfectly over one hop, but if I try to chain over a second hop I get this error:
"Could not establish secure channel for SSL/TLS with authority 'machine.mydomain.com'."
I have my client and both services all executing on the same machine in a test environment. I have IIS 7.5 installed, created a new website and apppool, and published both services as applications under the same site. Both services have https bindings set
up in IIS using the same certificate. I have both the client certificate and the server certificate installed on the machine, and the CA is installed in the Trusted Root CA store. These are all installed under LOCAL_MACHINE.
From my client, I am able to call ServiceA, and everything works perfectly. In ServiceA, I have several unit test cases which call ServiceB - these also work with no problem. But, if I run Client, call ServiceA, and then ServiceA calls ServiceB, authentication
between the two services fails. I have tried copying binding configuration from my unit test app.config to ServiceA's web.config, but that doesn't seem to make any difference.
I can post the configuration data from web.config if anyone wants to see it, but given the fact that calls from Client => S
View Complete Post