[Mono-dev] About System.Net.Security.SslStream
Vladimir Giszpenc
vgiszpenc at dsci.com
Wed Nov 12 10:46:49 EST 2008
Sebastien,
> On Tue, 2008-11-11 at 15:12 +0800, ?? wrote:
> > Hello! I'm using mono 1.9.2 and trying to write a small program
using
> > SslStream. The program runs as server side program.
> >
> > I found if I write the program as
> > serverCertificate =
X509Certificate.CreateFromCertFile(certificate);
> > SslStream sslStream = new SslStream(
> > client.GetStream()
> > );
> > sslStream.AuthenticateAsServer(serverCertificate,
> > false, SslProtocols.Tls, true);
> >
> > I will get a "Server certificate Private Key unavailable" error.
>
> This depends on which type of certificate file you're providing the
> X509Certificate ctor and the framework version you're using (I assume
> 2.9 since you're using SslStream).
>
> A typical .cer does not have a private key inside it so it wont work.
> Using a PKCS#12 file, containing a certificate and a private key, will
> work.
>
> The main difference is not the framework but the fact that
> Windows CryptoAPI defines relations between certificates and
> keys (when persisted) and allow code to "find" a private key
> when you supply a certificate (even if its not loaded from a
> certificate store). No such facility exists under Linux.
I would like to reiterate my request for a binding to nss. I Believe
that such a binding would provide the capability sought here.
I realize demand is not high, I just want "every vote counted" :).
Cheers,
Vlad
More information about the Mono-devel-list
mailing list