This should be a snap for anyone who’s done it before…

I’m trying to set up a self-hosted WCF service using NetTcpBinding. I got a trial SSL certificate from Thawte and successfully installed that in my IIS store, and I think I’ve got it correctly set up in the service – at least it doesn’t exception out on me!

Now, I’m trying to connect the client (this is still all on my dev machine), and it’s giving me an error, “Message = “The X.509 certificate CN=ssl.mydomain.com, OU=For Test Purposes Only. No assurances., OU=IT, O=My Company, L=My Town, S=None, C=IL chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.”

Ooookeeeey… now what?

Client code (I want to do this in code, not app.config):

var baseAddress = "localhost";
var factory = new DuplexChannelFactory<IMyWCFService>(new InstanceContext(SiteServer.Instance));
factory.Endpoint.Address = new EndpointAddress("net.tcp://{0}:8000/".Fmt(baseAddress));
var binding = new NetTcpBinding(SecurityMode.Message);
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
factory.Endpoint.Binding = binding;
var u = factory.Credentials.UserName;
u.UserName = userName;
u.Password = password;
return factory.CreateChannel()

Added Bounty
I’ve just got myself a new trial certificate from Thawte, installed it with the “issued to” set to mydomain.com, and I’m still getting the error above. I’m a newbie to web security, so I’ll need detailed instructions how to get a client to connect to my website and accepting the security certificate. (BTW, what does “No assurances” mean?)