Finally!
It seems that an ASP.NET application does not have the rights (or doesn't know how) to examine the trusted certificate store at machine level. Since the certificate was self-signed the ASP.NET application refused to establish a connection.
I fixed the problem using custom certificate validation.
The following code did the trick:
// Requires: using System.DirectoryServices.Protocols; using System.Net;
LdapConnection con = new LdapConnection(new LdapDirectoryIdentifier("server", port));
con.SessionOptions.SecureSocketLayer = true; // LDAP over SSL (LDAPS)
// Hand certificate validation to our own callback instead of the machine store
con.SessionOptions.VerifyServerCertificate = new VerifyServerCertificateCallback(ServerCallBack);
con.Credential = new NetworkCredential(String.Empty, String.Empty);
con.AuthType = AuthType.Basic;
con.Bind();
Since I am sure the certificate is valid, the ServerCallBack method looks like this:
// Requires: using System.Security.Cryptography.X509Certificates;
// Accepts whatever certificate the server presents
public static bool ServerCallBack(LdapConnection connection, X509Certificate certificate)
{
    return true;
}
But of course you can always retrieve the certificate from the local machine and validate it.
The namespace used in this example is:
System.DirectoryServices.Protocols;
This is because the namespace:
System.DirectoryServices.DirectoryEntry
does not contain a method for custom certificate validation.
Thank you all for your help and time, and hopefully this will help someone in the future!
Fight with dragons for too long and you become a dragon yourself; gaze into the abyss for too long and the abyss gazes back...
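The answer's callback accepts any certificate, which also accepts a certificate from anyone who can intercept the connection. The following is an added example (not code from the original post) of the alternative the answer mentions: export the self-signed LDAP server certificate once, store it on the local machine, and have the callback accept only a certificate that chains to exactly that pinned copy. The file path, host name and port are placeholders.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Net;
using System.Security.Cryptography.X509Certificates;

public static class LdapsClient
{
    private const string TrustedCertPath = @"C:\certs\ldap-server.cer"; // placeholder: exported server cert
    private const string LdapHost = "server";                           // placeholder
    private const int LdapsPort = 636;                                  // standard LDAPS port

    public static LdapConnection Connect()
    {
        var con = new LdapConnection(new LdapDirectoryIdentifier(LdapHost, LdapsPort));
        con.SessionOptions.SecureSocketLayer = true;
        con.SessionOptions.VerifyServerCertificate = ServerCallback; // our validation, not the machine store
        con.Credential = new NetworkCredential(string.Empty, string.Empty);
        con.AuthType = AuthType.Basic;
        con.Bind();
        return con;
    }

    // Returns true only if the presented certificate chains to the pinned self-signed certificate
    // and is issued for the host we intended to connect to.
    private static bool ServerCallback(LdapConnection connection, X509Certificate certificate)
    {
        var presented = new X509Certificate2(certificate);
        var trusted = new X509Certificate2(TrustedCertPath);

        using (var chain = new X509Chain())
        {
            // Supply the exported certificate as the trust anchor ourselves, since the
            // ASP.NET worker cannot rely on the machine store here.
            chain.ChainPolicy.ExtraStore.Add(trusted);
            chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck; // self-signed: no CRL to check
            chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;

            if (!chain.Build(presented))
                return false; // expired, bad signature, or does not chain at all

            // AllowUnknownCertificateAuthority tolerates *any* untrusted root, so the chain's
            // root must additionally be exactly our pinned certificate.
            var root = chain.ChainElements[chain.ChainElements.Count - 1].Certificate;
            if (!root.Thumbprint.Equals(trusted.Thumbprint, StringComparison.OrdinalIgnoreCase))
                return false;
        }

        // X509Chain does not check the host name; compare it against the host we dialed.
        var certHost = presented.GetNameInfo(X509NameType.DnsName, false);
        return string.Equals(certHost, LdapHost, StringComparison.OrdinalIgnoreCase);
    }
}
```

Replacing the server certificate then requires updating the exported copy, which is the intended trade-off of pinning.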