The approach I used when faced with this problem was to add the signer of the temporary certificate to the trusted authorities list on the computer in question.

遇到这个问题时，我使用的方法是将临时证书的签名者添加到相关计算机上的受信任机构列表中。

I normally do testing with certificates created with CACERT, and adding them to my trusted authorities list worked swimmingly.

我通常使用 CACERT 创建的证书进行测试，并将它们添加到我的受信任机构列表中，效果很好。

Doing it this way means you don't have to add any custom code to your application and it properly simulates what will happen when your application is deployed. As such, I think this is a superior solution to turning off the check programmatically.

这样做意味着您不必向应用程序添加任何自定义代码，并且它可以正确模拟部署应用程序时将发生的情况。因此，我认为这是以编程方式关闭检查的绝佳解决方案。

Alternatively you can register a call back delegate which ignores the certification error:

或者，您可以注册一个忽略认证错误的回调委托：

...
ServicePointManager.ServerCertificateValidationCallback = MyCertHandler;
...

static bool MyCertHandler(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors error)
{
// Ignore errors
return true;
}

Like Jason S's answer:

就像 Jason S 的回答：

ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

I put this in my Main and look to my app.configand test if (ConfigurationManager.AppSettings["IgnoreSSLCertificates"] == "True")before calling that line of code.

我把它放在我的 Main 中，app.config并(ConfigurationManager.AppSettings["IgnoreSSLCertificates"] == "True")在调用那行代码之前查看我的并测试是否。

I solved it this way:

我是这样解决的：

Call the following just before calling your ssl webservice that cause that error:

在调用导致该错误的 ssl webservice 之前调用以下命令：

using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

/// <summary>
/// solution for exception
/// System.Net.WebException: 
/// The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
/// </summary>
public static void BypassCertificateError()
{
    ServicePointManager.ServerCertificateValidationCallback +=

        delegate(
            Object sender1,
            X509Certificate certificate,
            X509Chain chain,
            SslPolicyErrors sslPolicyErrors)
        {
            return true;
        };
}

I was having same error using DownloadString; and was able to make it works as below with suggestions on this page

我在使用 DownloadString 时遇到了同样的错误；并能够使其按以下方式工作，并提供此页面上的建议

System.Net.WebClient client = new System.Net.WebClient();            
ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
string sHttpResonse = client.DownloadString(sUrl);

ServicePointManager.ServerCertificateValidationCallback +=
            (mender, certificate, chain, sslPolicyErrors) => true;

will bypass invaild ssl . Write it to your web service constructor.

将绕过 invaild ssl 。将其写入您的 Web 服务构造函数。

To further expand on Simon Johnsons post - Ideally you want a solution that will simulate the conditions you will see in production and modifying your code won't do that and could be dangerous if you forget to take the code out before you deploy it.

为了进一步扩展 Simon Johnson 的帖子 - 理想情况下，您需要一个解决方案来模拟您将在生产中看到的条件，而修改您的代码不会这样做，如果您在部署之前忘记取出代码，可能会很危险。

You will need a self-signed certificate of some sort. If you're using IIS Express you will have one of these already, you'll just have to find it. Open Firefox or whatever browser you like and go to your dev website. You should be able to view the certificate information from the URL bar and depending on your browser you should be able to export the certificate to a file.

您将需要某种自签名证书。如果您正在使用 IIS Express，您将已经拥有其中之一，您只需找到它。打开 Firefox 或任何您喜欢的浏览器，然后转到您的开发网站。您应该能够从 URL 栏中查看证书信息，并且您应该能够将证书导出到文件中，具体取决于您的浏览器。

Next, open MMC.exe, and add the Certificate snap-in. Import your certificate file into the Trusted Root Certificate Authorities store and that's all you should need. It's important to make sure it goes into that store and not some other store like 'Personal'. If you're unfamiliar with MMC or certificates, there are numerous websites with information how to do this.

接下来，打开 MMC.exe，并添加证书管理单元。将您的证书文件导入受信任的根证书颁发机构存储，这就是您所需要的。确保它进入那家商店而不是像“个人”这样的其他商店很重要。如果您不熟悉 MMC 或证书，有许多网站提供有关如何执行此操作的信息。

Now, your computer as a whole will implicitly trust any certificates that it has generated itself and you won't need to add code to handle this specially. When you move to production it will continue to work provided you have a proper valid certificate installed there. Don't do this on a production server - that would be bad and it won't work for any other clients other than those on the server itself.

现在，您的计算机作为一个整体将隐式信任它自己生成的任何证书，您不需要添加代码来专门处理这个问题。当您进入生产环境时，只要您在那里安装了适当的有效证书，它就会继续工作。不要在生产服务器上执行此操作 - 这会很糟糕，并且它不适用于服务器本身以外的任何其他客户端。

For newbies, you can extend your partial service class in a separate cs file and add the code the code provided by "imanabidi" to get it integrated

对于新手，您可以在单独的 cs 文件中扩展您的部分服务类，并添加“imanabidi”提供的代码以使其集成