c# - Security exception when wcf service server and client certificate is different than SSl certificate -

i new wcf , having real tough time understanding certificates authentication , encryption.

i have wcf service uses clientcredentialtype="certificate".

i have generated ca certificate, server , client certificate using makecert tool.

the service hosted in iis.

when use ssl site getting security exception:

could not establish trust relationship ssl/tls secure channel authority 'fqdn;.  system.net.webexception: underlying connection closed:  not establish trust relationship ssl/tls secure channel. --->  system.security.authentication.authenticationexception: remore  certificate invalid according validation procedure.  

the ssl certificate , wcf certificates different certification authorities.

why security exception being thrown?

how communication happening between client , server , certificates being used? confused. appreciated.

the makecert tool creates self-signed certificates not trusted default there no signature certificate authority attesting legitimacy of information on certificate.

when client goes connect, unless certificate validation disabled or roll own checking scheme, using typical validation procedure fail. is, certificate not trusted root ca through certificate trust chain.