While integrating two clients and working on two-way authentication, I had to troubleshoot SSL connectivity. The configuration file was the best tool I could use. There are a couple of things I used, and there are probably a lot more I am not aware of.
ServicePointManager helps especially when validating the server certificate: it lets you review the errors and decide whether to proceed or not. This is done through the ServerCertificateValidationCallback delegate.
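A diagnostic callback of this kind, as an added example that is not code from the original post: it logs the policy errors and the per-certificate chain status, and still rejects the connection, so the trace shows what to fix without weakening validation. The class name TlsDiagnostics and the use of Console.Error for output are assumptions.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper class (name chosen for this example).
static class TlsDiagnostics
{
    // Call once at startup, before the first request is made.
    public static void Install()
    {
        ServicePointManager.ServerCertificateValidationCallback = Validate;
    }

    // Logs why validation failed; never overrides the platform's verdict.
    public static bool Validate(object sender, X509Certificate certificate,
                                X509Chain chain, SslPolicyErrors errors)
    {
        if (errors == SslPolicyErrors.None)
            return true;

        Console.Error.WriteLine("TLS validation failed: {0}", errors);
        if (certificate != null)
        {
            var cert = new X509Certificate2(certificate);
            Console.Error.WriteLine("  Subject:    {0}", cert.Subject);
            Console.Error.WriteLine("  Issuer:     {0}", cert.Issuer);
            Console.Error.WriteLine("  Valid:      {0:u} to {1:u}", cert.NotBefore, cert.NotAfter);
            Console.Error.WriteLine("  Thumbprint: {0}", cert.Thumbprint);
        }
        if (chain != null)
        {
            // Each chain element carries its own status (expired, untrusted root, revoked, ...).
            foreach (X509ChainElement element in chain.ChainElements)
                foreach (X509ChainStatus status in element.ChainElementStatus)
                    Console.Error.WriteLine("  [{0}] {1}: {2}",
                        element.Certificate.Subject, status.Status,
                        status.StatusInformation.Trim());
        }
        return false; // reject: the log shows what to fix on the server or in the trust store
    }
}
```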
I also used the configuration file to tweak a few things:
The same thing can be done through code (either on ServicePointManager directly, or on the request object's ServicePoint property).
Logging is an absolute must when you get an exception and the exception details are not sufficient. Luckily, System.Net (and its nested namespaces) supports logging that can be enabled (which reminds me to look under my nose and not re-invent the wheel). After enabling these logs, I could get a detailed trace of the SSL communication, which helped me a lot. To enable logs:
<sources>
  <source name="System.Net" tracemode="includehex" maxdatasize="1024"/>
</sources>
<switches>
  <add name="System.Net" value="Verbose"/>
  <add name="System.Net.Sockets" value="Verbose"/>
  <add name="System.Net.Cache" value="Verbose"/>
</switches>
Hopefully, this helps someone as it helped me.