Windows Service not starting due to SSL certificate implementing .NET Core
This might be a silly question, but I'm working on a project and hit a roadblock. I need some guidance on I'm migrating some code and Quick question that's been bugging me - I've searched everywhere and can't find a clear answer..... I'm working with an scenario with a Windows Service I built using .NET Core 3.1. The service is supposed to connect to a secure API using HTTPS, but it fails to start due to SSL certificate validation errors. The behavior message I receive in the Windows Event Viewer is: ``` System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure. ``` I've checked the certificate on the server, and it's valid. I suspect it might be related to the way I'm configuring the HttpClient or perhaps the service is running under a different user context that doesn't have access to the certificate store. Here's how I'm configuring the HttpClient: ```csharp services.AddHttpClient<IMyService, MyService>(client => { client.BaseAddress = new Uri("https://mysecureapi.com"); }); ``` I've also tried explicitly enabling certificate validation temporarily using: ```csharp HttpClientHandler handler = new HttpClientHandler(); handler.ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => { return true; }; services.AddHttpClient<IMyService, MyService>().ConfigurePrimaryHttpMessageHandler(() => handler); ``` While this allows the service to start, it's not a good long-term solution due to security concerns. I've confirmed that the certificate chain is complete and trusted on the machine. Can someone advise on how to properly configure the service to trust the SSL certificate? Is there a specific certificate store I should be using, or additional configuration in Windows? I'm running this on Windows Server 2019, and the service is set to run with local system account. Any guidance on best practices for handling SSL certificates in Windows Services would be greatly appreciated! My development environment is Ubuntu. I'm working on a API that needs to handle this. Am I missing something obvious? Any suggestions would be helpful. I'm coming from a different tech stack and learning Csharp. The stack includes Csharp and several other technologies. I'd be grateful for any help.