Thanks this blog, It solves the problem with my self-signed SSL. I have tried it on a soap service that is implemented with other language and transferred through the proxy server on Nginx, then rewritten by WCF.
Certificate is created by openSSL. It still works on Windows.
When using Self-Signed Certificates in a WCF Service, you may receive the error
SecurityNegotiationException was unhandled: Could not establish trust relationship for the SSL/TLS secure channel with authority ‘localhost:8080’ (your service’s url may be different).
A common cause for the exception is due to the fact that the WCF runtime does not trust Self-Signed Certificates by default. It is, however, possible to override this default behavior.
First we will create a class that does the work of convincing the WCF runtime that our Self-Signed Certificate is trusted.
Now that we have a class that can override WCF’s rejection of a Self-Signed Certificate, we will have the client use that class prior to instantiating the service proxy.