[Mono-devel-list] WebRequest/HTTPS CA Issue

Sebastien Pouliot spouliot at videotron.ca
Wed Mar 30 15:26:27 EST 2005

Hello Johnny,

> Any ideas?


> Here's the CA:
> [johnny at skuld ~]$ certmgr -list -c -v CA
> Mono Certificate Manager - version
> Manage X.509 certificates and CRL from stores.
> Copyright 2002, 2003 Motus Technologies. Copyright 2004-2005 Novell. BSD
> licensed.
> X.509 v3 Certificate
>   Serial Number: A46E22AEDDC5F858E3CC4238858A4B25
>   Issuer Name:   C=US, O="VeriSign, Inc.", OU=Class 3 Public Primary
> Certification Authority
>   Subject Name:  O=VeriSign Trust Network, OU="VeriSign, Inc.",
> OU=VeriSign International Server CA - Class 3, OU=www.verisign.com/CPS
> Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign

[1] Well this looks like an intermidiate CA certificate - i.e. not a root
certificate. Note that HTTPS, like many protocols, doesn't require the
server to send the root certificate (certmgr -ssl can't work in this case).
This _may_ be the problem. If so you'll need to find the root certificate
and add it with certmgr.

[2] Another, more likely, issue (well for Verisign certificates) is that the
root certificate is signed with MD2. The framework doesn't, by default,
supports MD2. You can activate the MD2 support by configuring your
machine.config file. See "KNOWN ISSUES" in "man certmgr" for more

Let us know if [1] or [2] fix your problems (98%). If not (2%) then I'll
requires more details to debug the issue.

Sebastien Pouliot
home: spouliot at videotron.ca
blog: http://pages.infinit.net/ctech/poupou.html

More information about the Mono-devel-list mailing list