accessing asmx service throwing error could not establish secure channel for SSL/TLS with authority - works from SOAPUI though

I know there are lots of Q&As here for the error "could not establish secure channel for SSL/TLS with authority" topic but i am not able to find an answer or convincing reason for my problem.

Below is my problem: I have a vendor service (soap service), which is protected with Username/Pwd authentication (Basic auth i assume). When i try to test this service using SOAP UI tool with supplying the username/password - it works just fine with no issues.

But when i use the same in my c# code (console app), its throwing the above error

could not establish secure channel for SSL/TLS with authority '....'

After researching this error, i also set the logic as below:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

I tried attempting the above with all the options like SSL3, TLS, TLS1, TLS2 and all sorts of combinations but for any such, i dont get the error but again, it doesnt take any effect. no error, no response.

what could be the possible cause to handle in code while it works fine in SOAP UI?

After few more research, i also noticed that the Fiddler DO_NOT_TRUST related cert and removed them from my machine. And to add, i am using this console app from my Win 10 machine, on VS 2017 under development. After removing that and when i attempted again, i get the below error now:

System.ArgumentException HResult=0x80070057 Message=The provided URI scheme 'https' is invalid; expected 'http'. Parameter name: via Source=System.ServiceModel

Update-2: I did installed the CERT to my local machine Trusted root and having the below lines to use the cert exactly but still no luck

client.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.Root, X509FindType.FindBySerialNumber, findValue: "<serial-number>");

Any help?

Huh.. finally i figured the solution myself.

below are the ones helped me really.

1. Looked up in the developer tools of this asmx in Chrome/IE. It did show the below Security tab in Chrome for the service

That tells me that its on TLS1.2, was not able to figure out how the SOAP UI was able to manage this without having the CERT in the machine store.

Along with the clientCredentials passed, i also added

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

Config for binding:

 <binding name="mysoapCredBinding">
      <security mode="TransportWithMessageCredential">
        <message clientCredentialType="UserName" />
      </security>
    </binding>

Still - i had the certificate installed in the store but i dont think its needed at all with the above. It made me tricky when i started researching with teh above error and most of them directed me to the CERTs issue and thats the confusion. We also dont need to pass these creds in HEADERS explicitly but with the above config, should do good.

-- for folks having the similar issue like mine, please note - CERTIFICATE setup is not the first and only solution. This one may also be a solution if any of your problem is very similar to mine (with credentials to invoke service).