Asmx web service is called using Visual Studio generated code from MVC2 controller using code below.

Method call throws exception since web service certificate has expired. How to fix this so that web service can still used?

Using .NET 3.5 and MVC2.

public class AsmxController : Controller 
{ 
    public ActionResult Index() 
    { 
        var cl = new store2.CommerceSoapClient(); 

        //    System.ServiceModel.Security.SecurityNegotiationException was unhandled by user code 
        //Message=Could not establish trust relationship for the SSL/TLS secure channel with authority 'asmxwebservice.com'. 
        var vl = cl.GetVendorList(  AsmxService.LicenseHeader() , 
            new AsmxService.GetVendorListRequest()); 
        return View(); 
    } 
} 

}

From James blog:

So, for testing, we needed to find a way to bypass the certificate validation. It turns out that you need to provide a RemoteCertificateValidationCallback delegate and attach it to ServicePointManager.ServerCertificateValidationCallback. What’s not clear is what happens if two threads are competing to set this property to different values, since it’s a static property. Reflector suggests that the property set method doesn’t do anything fancy, so you could easily get into a race condition.

so, he does the following:

// allows for validation of SSL conversations
ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateRemoteCertificate);

// callback used to validate the certificate in an SSL conversation
private static bool ValidateRemoteCertificate(
object sender,  X509Certificate certificate,    X509Chain chain,    SslPolicyErrors policyErrors)
{
    if (Convert.ToBoolean(ConfigurationManager.AppSettings["IgnoreSslErrors"]))
    {
        // allow any old dodgy certificate...
        return true;
    }
    else
    {
        return policyErrors == SslPolicyErrors.None;
    }
}