Sunday, 8 September 2013

Default Certificate Validation Procedure

Can somebody please give a description or (more preferably) a reference to
how the .NET framework validates a domain certificate?

I am trying to connect to a WCF service configured with a BasicHttpBinding
with Certificate Transport security. The service is on machine 1 and the
client on machine 2. Both machines are joined to a domain. The service
certificate is issued by the domain's certification authority. However,
when the client (Visual Studio Add Service Reference Wizard in my case) is
negotiating with the service, it pops up a warning message with three
possible reasons that the certificate is untrusted:

1. The security certificate issued by a company is not in the untrust list.
   It might be trustable.
2. The security certificate date is valid.
3. The security certificate for host 'Administrator' does not match the name
   of the page you are trying to view. (Warning!!)

But I'm asking about reason 1, why?

On the other hand, if I use WcfTestClient, it pops up the following error:

    URI: https://ip:port/svc
    Metadata contains a reference that cannot be resolved: 'https://ip:port/svc'.
    Could not establish trust relationship for the SSL/TLS secure channel with authority 'ip:port'.
    The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
    The remote certificate is invalid according to the validation procedure.
    HTTP GET Error.
    URI: https://ip:port/svc
    There was an error downloading 'https://ip:port/svc'.
    The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
    The remote certificate is invalid according to the validation procedure.

So can somebody please tell what's happening around here? How is the
service certificate validated?
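
A diagnostic sketch for the error quoted above, added here as an example and not part of the original post: the .NET Framework hands the result of its default validation to `ServicePointManager.ServerCertificateValidationCallback` as `SslPolicyErrors` flags together with the `X509Chain` it built, so a callback can log the exact reason while leaving the verdict unchanged. The class and method names are hypothetical, and the service URL is assumed to be passed as the first command-line argument.

```csharp
// Added diagnostic example (not from the original post).
// Assumption: args[0] is the service URL, e.g. the https://ip:port/svc placeholder above.
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

static class CertDiagnostics   // hypothetical name
{
    // Logs why default validation failed and returns the framework's verdict unchanged.
    static bool LogAndKeepVerdict(object sender, X509Certificate cert,
                                  X509Chain chain, SslPolicyErrors errors)
    {
        if (errors == SslPolicyErrors.None) return true;

        Console.WriteLine("Policy errors: " + errors);
        if (cert != null)
            Console.WriteLine("Subject: " + cert.Subject + "  Issuer: " + cert.Issuer);

        // The host part of the URL is not one of the names in the certificate.
        if ((errors & SslPolicyErrors.RemoteCertificateNameMismatch) != 0)
            Console.WriteLine("Name mismatch between the URL host and the certificate.");

        // The chain could not be built to a trusted root, or an element failed a check.
        if ((errors & SslPolicyErrors.RemoteCertificateChainErrors) != 0 && chain != null)
            foreach (X509ChainStatus s in chain.ChainStatus)
                Console.WriteLine("Chain: " + s.Status + " - " + s.StatusInformation.Trim());

        return false; // never accept a certificate the framework rejected
    }

    static void Main(string[] args)
    {
        ServicePointManager.ServerCertificateValidationCallback = LogAndKeepVerdict;
        try
        {
            using (var client = new WebClient())
                client.DownloadString(args[0]);
            Console.WriteLine("Certificate accepted.");
        }
        catch (WebException ex)
        {
            Console.WriteLine("Request failed: " + ex.Message);
        }
    }
}
```

Because the callback returns `false` whenever any flag is set, it only reports; the request still fails exactly as it does without the callback.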
