[Mono-dev] System.Web.Mail and TLS

Sebastien Pouliot sebastien.pouliot at gmail.com
Wed Mar 22 08:25:10 EST 2006 

Hello Vladimir,

On Wed, 2006-03-22 at 00:47 -0800, Vladimir Krasnov wrote:
> Hi Sebastien,
> 
> I've imported my server's certificate using certmgr, the import was
> successful and I can see it by "certmfr -list" command, but I still get
> the same exception.

Maybe because what you did isn't in the FAQ ?

Importing the server certificate isn't enough. In fact it is generally
(98%) useless (because the certificate is already part of the SSL/TLS
handshake, so there's no need for a local copy of it). 

*Unless* (2%) the server certificate is also your root (self-signed)
certificate (common only for testing certificates). This shouldn't be
your case as you were talking about a certificate from a "trusted" CA.

Now the real question(s) is/are:

	How did *you* decide it was "trusted" ? or have you ?

	Answer: In the FAQ ;-)
	http://www.mono-project.com/FAQ:_Security

> Vladimir
> 
> -----Original Message-----
> From: Sebastien Pouliot [mailto:sebastien.pouliot at gmail.com] 
> Sent: Tuesday, March 21, 2006 9:12 PM
> To: Vladimir Krasnov
> Cc: mono-devel-list at lists.ximian.com
> Subject: Re: [Mono-dev] System.Web.Mail and TLS
> 
> Hello Vladimir,
> 
> On Tue, 2006-03-21 at 10:17 -0800, Vladimir Krasnov wrote:
> > Hello,
> > 
> > I'm working now on sending email over SSL connection using
> > System.Web.Mail API. This feature requires connection to SMTP server
> to
> > be changed to SSL connection after EHLO command. I've implemented
> method
> > ChangeToSSLSocket (look attached patch), 
> 
> Nice feature.
> 
> > but I always get a
> > TlsException, even if I have well known certificate from trusted CA.
> 
> This has been a common question on the mailing-list. 
> Did you read the FAQ on Mono project wiki ?
> http://www.mono-project.com/FAQ:_Security
> 
> > Unhandled Exception: System.Web.HttpException: The authentication or
> > decryption has failed. ---> System.IO.IOException: The authentication
> or
> > decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException:
> > Invalid certificate received form server.
> > 
> > Please take a look at this code and suggest what to do.
> > 
> > Vladimir Krasnov.
> > 
> > 
> > _______________________________________________
> > Mono-devel-list mailing list
> > Mono-devel-list at lists.ximian.com
> > http://lists.ximian.com/mailman/listinfo/mono-devel-list
> 
-- 
Sebastien Pouliot  <sebastien at ximian.com>
Blog: http://pages.infinit.net/ctech/

More information about the Mono-devel-list mailing list