[Mono-bugs] [Bug 62716][Blo] Changed - SslServerStream doesn't work properly

bugzilla-daemon@bugzilla.ximian.com bugzilla-daemon@bugzilla.ximian.com
Wed, 11 Aug 2004 08:40:36 -0400 (EDT)

Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by sebastien@ximian.com.


--- shadow/62716	2004-08-11 08:34:06.000000000 -0400
+++ shadow/62716.tmp.19202	2004-08-11 08:40:36.000000000 -0400
@@ -187,6 +187,23 @@
 it to the PKCS12 object (using AddPrivateKey).
 ------- Additional Comments From meddochat@zonnet.nl  2004-08-11 08:34 -------
 in the PrivateKeyCertSelectionDelegate event of SslServerStream, i 
 need to return a AssymetricAlgorithm, how should i do it then, i 
 would assume i have to use something out of the certificate for it.
+------- Additional Comments From sebastien@ximian.com  2004-08-11 08:40 -------
+Ok, that's probably the error. An X.509 certificate *doesn't* contain
+a private key. I.e. it can be freely distributed and sent in a
+communication channel, like SSL/TLS.
+Seeing this "CN=Joe's-Software-Emporium" in your log I guess you
+created the certificate using Microsoft's makecert utility. In that
+case the private key was either created in a CryptoAPI container or
+stored in a PVK file - depending on the options used to generate the
+Mono.Security has support to read PVK files (created with or without
+password). If the private key is in a CryptoAPI container when you'll
+export it (if the container allows it). You can either write a small
+tool to do it or you can try to export the certificate *and* it's
+private key into a PKCS12 file (and use the PKCS12 class).