I have a WCF client/server application with a nettcp binding. I created a self-signed cert, a.cert and a.pfx, and:

  1. installed a.pfx on the server side through the mmc snap-in in Local Computer -> Personal folder
  2. installed a.cert on the client in Local Computer -> Personal folder

**Server code:**

```csharp
using System;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;

ServiceHost host = new ServiceHost(typeof(implementclass));
NetTcpBinding binding = new NetTcpBinding();
binding.TransferMode = TransferMode.Streamed;
binding.Security.Mode = SecurityMode.Transport;
binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Certificate;
binding.Security.Transport.ProtectionLevel = ProtectionLevel.EncryptAndSign;

// Server certificate (the one holding the private key), looked up in LocalMachine\My
host.Credentials.ServiceCertificate.SetCertificate(
    StoreLocation.LocalMachine, StoreName.My,
    X509FindType.FindBySubjectName, "SingedByDevTestCA");

// Self-signed client cert: validation of the client certificate is disabled
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode =
    X509CertificateValidationMode.None;
host.AddServiceEndpoint(typeof(myinterface), binding,
    new Uri("net.tcp://10.30.154.239:5000/implementclass"));
host.Open();
```

**Client code:**

```csharp
using System;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;

NetTcpBinding binding = new NetTcpBinding();
binding.TransferMode = TransferMode.Streamed;
binding.Security.Mode = SecurityMode.Transport;
binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Certificate;
binding.Security.Transport.ProtectionLevel = ProtectionLevel.EncryptAndSign;

// DNS identity: must match the subject name of the server certificate
EndpointIdentity identity = EndpointIdentity.CreateDnsIdentity("SingedByDevTestCA");
//string uriStr = "net.tcp://localhost:5000/implementclass";
string uriStr = "net.tcp://10.30.154.239:5000/implementclass";
EndpointAddress addr = new EndpointAddress(new Uri(uriStr), identity);
ChannelFactory<myinterface> chn = new ChannelFactory<myinterface>(binding, addr);

// Client certificate, looked up by thumbprint in LocalMachine\My
chn.Credentials.ClientCertificate.SetCertificate(
    StoreLocation.LocalMachine,
    StoreName.My,
    X509FindType.FindByThumbprint,
    "02706242a08eb02b8f2a76896142b1222302012c");
// This line is because we are working with a self-signed certificate:
// the client does not validate the server certificate
chn.Credentials.ServiceCertificate.Authentication.CertificateValidationMode =
    X509CertificateValidationMode.None;
myinterface idd = chn.CreateChannel();
```

Now calling the method from the client side:

```csharp
string y = idd.Upload(textBox1.Text);
```

causes an exception on the client side, but more important is the error on the server side, as indicated by the title.



I read many articles about self-signed certificates being untrusted certificates, but I don't understand how to make this setup work. The upload call works without transport = certificate.
If I switch the certificates and install the pfx (cert + private key) on the client side and only the cert on the server side, the upload call works.
Which way is it supposed to work? I read that the private key has to be on the server side and only the public key on the client side, but it is not working this way.
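As an added example (not code from the question above), this is the same net.tcp transport-security setup with both sides holding their own certificate plus private key in LocalMachine\My, and each side validating the other's self-signed public certificate with PeerTrust against the LocalMachine\TrustedPeople store instead of switching validation off with None. The subject name `wcf-server-dev`, the client thumbprint placeholder and the store layout are assumptions; `implementclass` and `myinterface` are the names from the question.

```csharp
using System;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;
// Shared binding: transport security, peer authenticated by X.509 certificate.
static NetTcpBinding MakeBinding()
{
    var binding = new NetTcpBinding { TransferMode = TransferMode.Streamed };
    binding.Security.Mode = SecurityMode.Transport;
    binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Certificate;
    binding.Security.Transport.ProtectionLevel = ProtectionLevel.EncryptAndSign;
    return binding;
}
// Server: its own cert + private key (pfx) in LocalMachine\My; the client's
// public cert (no key) imported into LocalMachine\TrustedPeople.
static ServiceHost OpenServer()
{
    var host = new ServiceHost(typeof(implementclass));
    host.Credentials.ServiceCertificate.SetCertificate(
        StoreLocation.LocalMachine, StoreName.My,
        X509FindType.FindBySubjectName, "wcf-server-dev");   // assumed subject name
    var auth = host.Credentials.ClientCertificate.Authentication;
    auth.CertificateValidationMode = X509CertificateValidationMode.PeerTrust;
    auth.TrustedStoreLocation = StoreLocation.LocalMachine;  // TrustedPeople store
    host.AddServiceEndpoint(typeof(myinterface), MakeBinding(),
        new Uri("net.tcp://10.30.154.239:5000/implementclass"));
    host.Open();
    return host;
}
// Client: its own cert + private key (pfx) in LocalMachine\My; the server's
// public cert imported into LocalMachine\TrustedPeople.
static myinterface OpenClient()
{
    // The DNS identity must equal the server certificate's subject name.
    var identity = EndpointIdentity.CreateDnsIdentity("wcf-server-dev");
    var addr = new EndpointAddress(
        new Uri("net.tcp://10.30.154.239:5000/implementclass"), identity);
    var factory = new ChannelFactory<myinterface>(MakeBinding(), addr);
    factory.Credentials.ClientCertificate.SetCertificate(
        StoreLocation.LocalMachine, StoreName.My,
        X509FindType.FindByThumbprint, "<CLIENT-CERT-THUMBPRINT>"); // placeholder
    var auth = factory.Credentials.ServiceCertificate.Authentication;
    auth.CertificateValidationMode = X509CertificateValidationMode.PeerTrust;
    auth.TrustedStoreLocation = StoreLocation.LocalMachine;  // TrustedPeople store
    return factory.CreateChannel();
}
```

With this layout each side proves possession of its own private key during the TLS handshake, and a certificate that is not in the other side's TrustedPeople store is rejected rather than silently accepted.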