For the secure connections handled by WCF, the default value for certification validation is PeerOrChainTrust and that for revocation is NoCheck. You can change these values in the configuration files of the DDW, Runtime Service, Administrative Service, Administration Site, and the DE Agent for SQL Service by providing the required value for the following parameters:
CertificateValidationMode: The value can be any one of the following:
None: No validation of the certificate is done.
PeerTrust: The certificate is valid if it is in the trusted people store.
ChainTrust: The certificate is valid if the chain builds to a certification authority in the trusted root store.
PeerOrChainTrust: The certificate is valid if it is in the trusted people store, or if the chain builds to a certification authority in the trusted root store.
RevocationMode: The value can be any one of the following:
NoCheck: No revocation check is performed on the certificate.
Online: A revocation check is made using the online CRL.
Offline: A revocation check is made using a cached CRL.
Restart the corresponding service of the Data Exchange Windows component after changing the values. For Administration Site, restart the IIS Service.