[Mono-dev] About System.Net.Security.SslStream

Vladimir Giszpenc vgiszpenc at dsci.com
Wed Nov 12 10:46:49 EST 2008


> On Tue, 2008-11-11 at 15:12 +0800, ?? wrote:
> > Hello! I'm using mono 1.9.2 and trying to write a small program
> > SslStream. The program runs as server side program.
> >
> > I found if I write the program as
> >  serverCertificate =
> >  SslStream sslStream = new SslStream(
> >                 client.GetStream()
> >                 );
> >  sslStream.AuthenticateAsServer(serverCertificate,
> >                     false, SslProtocols.Tls, true);
> >
> > I will get a  "Server certificate Private Key unavailable" error.
> This depends on which type of certificate file you're providing the
> X509Certificate ctor and the framework version you're using (I assume
> 2.9 since you're using SslStream).
> A typical .cer does not have a private key inside it so it wont work.
> Using a PKCS#12 file, containing a certificate and a private key, will
> work.
>         The main difference is not the framework but the fact that
>         Windows CryptoAPI defines relations between certificates and
>         keys (when persisted) and allow code to "find" a private key
>         when you supply a certificate (even if its not loaded from a
>         certificate store). No such facility exists under Linux.
I would like to reiterate my request for a binding to nss.  I Believe
that such a binding would provide the capability sought here.

I realize demand is not high, I just want "every vote counted" :).



More information about the Mono-devel-list mailing list