I have 2 apps running inside IIS - Client and Service. Service running just fine, but client isn't.
They talk to each other thru WCF with message security relaying on certificates (it isn't transport security, it's just message security). Both are using self-signed certificates.
But client ends up with error:
System.IdentityModel.Tokens.SecurityTokenValidationException: The X.509 certificate ... is not in the trusted people store. The X.509 certificate ... chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider
I know how to disable certificate validation on service side and I did it, but how can I disable CA validation on client side?