Sometimes the Microsoft tools are too clever for their own good.
We have a WCF service which we wanted to move to SSL. The problem was: having changed the WCF security configuration to Transport, and obtaining and configuring a certificate on the server, all we could get in a response was the above exception. Even using the visual studio WCF Test Tool.
The solution was revealed by looking at the configuration files that were created.
For the WSDL we had entered a URL like ‘service.intranetdomain’, the URL on the certificate.
The generated client config replaced ‘service’ with the raw hostname of the machine, which of course did not match the certificate.
Edit the client file to correct the change – everything works 🙂