[Mono-bugs] [Bug 76258][Nor] Changed - SSL client certificate
doesn't work with IE.
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Wed Sep 28 13:51:24 EDT 2005
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by sebastien at ximian.com.
http://bugzilla.ximian.com/show_bug.cgi?id=76258
--- shadow/76258 2005-09-28 13:24:08.000000000 -0400
+++ shadow/76258.tmp.27934 2005-09-28 13:51:24.000000000 -0400
@@ -1,15 +1,15 @@
Bug#: 76258
Product: Mono: Class Libraries
Version: unspecified
-OS: unknown
+OS: All
OS Details: Linux Fedora Core 3
-Status: NEW
+Status: ASSIGNED
Resolution:
-Severity: 032 Four days
-Priority: Blocker
+Severity: Unknown
+Priority: Normal
Component: Mono.Security
AssignedTo: sebastien at ximian.com
ReportedBy: yngve.zackrisson at mobila-kontoret.se
QAContact: mono-bugs at ximian.com
TargetMilestone: ---
URL:
@@ -120,6 +120,26 @@
V9
Although I added my cacert16t.cer to the Mono Machines Trust store.
???
+
+------- Additional Comments From sebastien at ximian.com 2005-09-28 13:51 -------
+The issue is that we cannot verify the handshake signature (generated
+by MS) in the certificate verify message (section 7.4.8 of RFC2246) so
+we throw an exception. We have no problem verifying the signature made
+by wget/openssl.
+
+Strangely the data hashed for handshake isn't bad because we can
+continue the handshake (if we don't throw an exception) and the
+(handshake) data will be verified later...
+
+Yngve, try commenting the
+throw new TlsException (AlertDescription...);
+lines in ProcessAsSsl3 and ProcessAsTls1 methods in the file
+TlsClientCertificateVerify and re-execute your code.
+
+If this works then
+(a) we know that there's no other problem hidden behind the current one;
+(b) it will let you continue working on the "custom-n-unsafe" version
+while I found the problem.
More information about the mono-bugs
mailing list