Differences in service certificate validation done by Internet Explorer and WCF

Because of difference between the way Internet Explorer and Windows Communication Foundation (WCF) validate service certificates when HTTPS is used, it is possible that Internet Explorer will not be able to access the Help page or Web Services Description Language (WSDL) of a service even though a WCF client is able to successfully send messages to the service endpoints. This is because Internet Explorer checks whether the service certificate has the ServerAuthentication object identifiers (OID) in the enhanced usage flags, whereas WCF does not enforce such a constraint. If Internet Explorer is unable to access the service Help page or the WSDL for the service, use the ServiceModel Metadata Utility Tool (Svcutil.exe) to access the service metadata.

See also