[Mono-bugs] [Bug 459678] New: TlsException retrieving one certificat

Wed Dec 17 04:01:48 EST 2008

https://bugzilla.novell.com/show_bug.cgi?id=459678

           Summary: TlsException retrieving one certificat
           Product: Mono: Class Libraries
           Version: unspecified
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: Mono.Security
        AssignedTo: spouliot at novell.com
        ReportedBy: colin at univ-metz.fr
         QAContact: mono-bugs at lists.ximian.com
          Found By: ---

Hi,
i had this exception when i tried to retrieve this certificat.

# MONO_OPTIONS=--debug certmgr -ssl https://ecc2.cnrs.fr

Mono Certificate Manager - version 2.0.1.0
Manage X.509 certificates and CRL from stores.
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell. BSD
licensed.

Unhandled Exception: System.IO.IOException: The authentication or decryption
has failed. ---> Mono.Security.Protocol.Tls.TlsException: The authentication or
decryption has failed.
  at Mono.Security.Protocol.Tls.RecordProtocol.ProcessAlert (AlertLevel
alertLevel, AlertDescription alertDesc) [0x00000]
  at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback
(IAsyncResult asyncResult) [0x00000]
  --- End of inner exception stack trace ---
  at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback
(IAsyncResult asyncResult) [0x00000]

# openssl s_client -connect ecc2.cnrs.fr:443

CONNECTED(00000003)                                                      
depth=2 /C=FR/O=CNRS/CN=CNRS                                             
verify error:num=19:self signed certificate in certificate
chain         
verify
return:0                                                          
---                                                                      
Certificate
chain                                                        
 0
s:/C=FR/O=CNRS/OU=MOY1600/CN=ecc2.cnrs.fr/emailAddress=eccadmin at cnrs-dir.fr

i:/C=FR/O=CNRS/CN=CNRS-Standard                                            
 1
s:/C=FR/O=CNRS/CN=CNRS-Standard                                            

i:/C=FR/O=CNRS/CN=CNRS                                                     
 2
s:/C=FR/O=CNRS/CN=CNRS                                                     

i:/C=FR/O=CNRS/CN=CNRS                                                     
---                                                                           
Server
certificate                                                            
-----BEGIN
CERTIFICATE-----                                                   
MIIEdjCCA16gAwIBAgICWxwwDQYJKoZIhvcNAQEFBQAwNDELMAkGA1UEBhMCRlIx              
DTALBgNVBAoTBENOUlMxFjAUBgNVBAMTDUNOUlMtU3RhbmRhcmQwHhcNMDcwNjIy              
MTIyOTA1WhcNMDkwNjIxMTIyOTA1WjBqMQswCQYDVQQGEwJGUjENMAsGA1UEChME              
Q05SUzEQMA4GA1UECxMHTU9ZMTYwMDEVMBMGA1UEAxMMZWNjMi5jbnJzLmZyMSMw              
IQYJKoZIhvcNAQkBFhRlY2NhZG1pbkBjbnJzLWRpci5mcjCCASIwDQYJKoZIhvcN              
AQEBBQADggEPADCCAQoCggEBANPpsh4ogU/9CKH
+uoGM6UoNtXmaPGhuaQRkW78v              
d7G3cAlEKv5tGmjXtSmTj3JrPEdB0vAfu2T4e4ymP5yHTN0K/AR4jL7KXluNE1cc              
nMisX5Vb7my2IRZXYiVfkVaTmtUtkZp2CgfdUhz
+l/Agvdlho8lIlax6CbtzsBCQ              
Ey7WzpbBZwQmBFscHIRgLnNtEP4oB5iUPXu9aYaq+/mRo4LMGPoRikaYLfsJ0
+qS              
dkNO0D
+CI6Twba93uENSyEAggUWPuWiLaRSvDfdRMtzMpnJqKyCgaE1xfTWMtIXL              
FJfkrnDs2mBILYSjHoT03LoFG
+tRrRvwhsHKf7sQmmdQAkMCAwEAAaOCAVowggFW              
MAwGA1UdEwEB/wQCMAAwEQYJYIZIAYb4QgEBBAQDAgbAMA4GA1UdDwEB/wQEAwIF              
4DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwLwYJYIZIAYb4QgENBCIW
IENlcnRpZmljYXQgc2VydmV1ciBDTlJTLVN0YW5kYXJkMB0GA1UdDgQWBBSP7+81
CiUWmT3vNWyQFK/k0FdHijBTBgNVHSMETDBKgBRnWaXlB3RJA+8Fz8wupBjVEMie
PKEvpC0wKzELMAkGA1UEBhMCRlIxDTALBgNVBAoTBENOUlMxDTALBgNVBAMTBENO
UlOCAQIwFwYDVR0RBBAwDoIMZWNjMi5jbnJzLmZyMEYGA1UdHwQ/MD0wO6A5oDeG
NWh0dHA6Ly9jcmxzLnNlcnZpY2VzLmNucnMuZnIvQ05SUy1TdGFuZGFyZC9nZXRk
ZXIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQBEFlpBXF1+PEXEg+0RNFxm/4tMe4n+
kYuWpOllLHT2k/TaS4I40D8S2xVAM44n3yW4/LYkVX/s7Qdyn7RyZUkfLtc2JlcA
2F/GU3UTc3gsaZemvE7wP9BPWYvFseHY0V10lD47VDCiRYBH/jN8TzZVnX8+MAib
Txx3xPLK3qMF6RjVXXBnNnAKsJcYHn/er5Zr/RB35/MG00zkoAXqUhE041q18xfS
rjnaJySs1YFhL9LRIT+wIzpHqC3GAV9rioDXa5asuHk0TGBFP4kqAwo+MjktjTM2
ZOvMCHPv2g0qQU457pYdiNiyLnPefIfeWojUVA6j0w+x6192ymLojz5e
-----END CERTIFICATE-----
subject=/C=FR/O=CNRS/OU=MOY1600/CN=ecc2.cnrs.fr/emailAddress=eccadmin at cnrs-dir.fr
issuer=/C=FR/O=CNRS/CN=CNRS-Standard
---
No client certificate CA names sent
---
SSL handshake has read 3051 bytes and written 458 bytes
---
New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA
Server public key is 2048 bit
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : SSLv3
    Cipher    : DES-CBC3-SHA
    Session-ID:
    Session-ID-ctx:
    Master-Key:
93E6E8054EBD7A2BC2D50659E0901AF95648AA00BA2FFA7BF441E8EB1994B3BDA8795A4160419B298B378D6BE61DD6AF
    Key-Arg   : None
    Start Time: 1229421224
    Timeout   : 300 (sec)
    Verify return code: 19 (self signed certificate in certificate
chain)
---

-- 
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.