My Windows 10 App have to log into a TLS1.2 protected server within my LAN. I have to use a StreamSocket class to accept a private IP as the SERVERNAME. But I have a "real" CA on the server already and I don't want that pop-up dialogue box shows up (because I must accept the private IP as the server name which is differs from the certificate authorized). For example, I have to accept "https://192.168.0.101" rather than "https://someone.somewhere" ....

so here is the solution:

using (StreamSocket socket = new StreamSocket())
{
.....
socket.Control.IgnorableServerCertificateErrors.Clear();
socket.Control.IgnorableServerCertificateErrors..Add(ChainValidationResult.InvalidName);
..........

And I verified the subject of the server's certificated to see whether my App connected to the right server. If so, go on to to it's job otherwise just drop the connection.

https://plus.google.com/u/0/communities/110758963058461649351