Dealing with SSL Certificate Validation Failures

Here's a quick list of things to try when debugging a non-functioning SSL server certificate.

1.
Has the certificate expired or been revoked?
2.
Does the MMC Certificate Manager say that the certificate is valid?
3.
Is the certificate in the LocalMachine store?
4.
Have you registered the certificate to the address and port of your service?
5.
Does the registered thumbprint match the SHA1 thumbprint of the certificate?
6.
Does the certificate address match the address in your service URI?
7.
Is the root certificate valid and in the trusted root store?
8.
Is the certificate revocation server reachable and functioning?

Next time: When to Wait for Messages

Comments

• Anonymous
  November 07, 2006
  There are two architectural models for moving messages through a system. Pull messaging models require