[Mono-dev] Using SslStream

Sebastien Pouliot sebastien.pouliot at gmail.com
Tue Mar 30 14:56:35 EDT 2010


On Tue, 2010-03-30 at 10:51 -0800, Richter wrote:
> I am attempting to develop an application for linux using Mono that will run
> as a server and accept client connections through TCP/IP Sockets, using SSL
> encryption and authentication. I am attempting to do so via the SslStream
> class, but am having problems getting it to work. This same code works
> perfectly running on the .NET Framework on Windows. I am using a self-signed
> certificate for testing purposes.
> 
> TcpClient tcpClient; // Assume it is initialized earlier...
> 
> X509Certificate cert = new X509Certificate("filename", "password");
> SslStream stream = new SslStream(tcpClient.GetStream(), false);
> stream.AuthenticateAsServer(cert, false, SslProtocols.Tls, true);
> 
> This always throws the following exception.
> 
> System.IO.IOException: The authentication or decryption has failed. --->
> Mono.Security.Protocol.Tls.TlsException: Server certificate Private Key
> unavailable.
>   at
> Mono.Security.Protocol.Tls.Handshake.Server.TlsClientKeyExchange.ProcessAsTls1
> () [0x000a7] in
> /tmp/buildd/mono-2.4.4~svn151842/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server/TlsClientKeyExchange.cs:112 
>   at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process ()
> [0x00037] in
> /tmp/buildd/mono-2.4.4~svn151842/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake/HandshakeMessage.cs:105 
>   at (wrapper remoting-invoke-with-check)
> Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
>   at Mono.Security.Protocol.Tls.ServerRecordProtocol.ProcessHandshakeMessage
> (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x0002a] in
> /tmp/buildd/mono-2.4.4~svn151842/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs:74 
>   at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback
> (IAsyncResult asyncResult) [0x00127] in
> /tmp/buildd/mono-2.4.4~svn151842/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs:397 
>   --- End of inner exception stack trace ---
>   at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback
> (IAsyncResult asyncResult) [0x0002a] in
> /tmp/buildd/mono-2.4.4~svn151842/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslStreamBase.cs:102 
> 
> 
> I have tried this with the following certificate formats all generated
> through various methods using openssl: .cer, .pem, .crt, .p12 (with private
> key embedded). As I said, it is working on Windows, but I can't figure out
> how to make it work on my linux box and I can't seem to find much about this
> problem online. Any help would be appreciated.

Google "mono ssl" and your first link will be the Mono Security FAQ
which will tell you how to trust your own self-signed certificate.

Have fun ;-)
Sebastien
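
A pre-flight check for the "Server certificate Private Key unavailable" failure in the trace above, as an added example that is not part of the original thread or Mono's own code: it loads the certificate as X509Certificate2 and refuses to start the listener unless a private key is attached. The file name, password and port are placeholders chosen for illustration.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;

class TlsServerPreflight
{
    // Placeholder values (assumptions, not taken from the thread).
    const string PfxPath = "server.p12";
    const string PfxPassword = "password";
    const int Port = 4433;

    static X509Certificate2 LoadServerCertificate(string path, string password)
    {
        // X509Certificate2 exposes HasPrivateKey. A file that holds only the
        // public certificate reports false here, so the problem surfaces at
        // startup instead of in the middle of a client's handshake.
        var cert = new X509Certificate2(path, password);
        if (!cert.HasPrivateKey)
            throw new InvalidOperationException(
                "No private key in " + path + "; the server cannot complete the key exchange.");
        return cert;
    }

    static void Main()
    {
        X509Certificate2 cert = LoadServerCertificate(PfxPath, PfxPassword);
        Console.WriteLine("Loaded {0}, HasPrivateKey={1}", cert.Subject, cert.HasPrivateKey);

        var listener = new TcpListener(IPAddress.Loopback, Port);
        listener.Start();
        using (TcpClient tcpClient = listener.AcceptTcpClient())
        using (var stream = new SslStream(tcpClient.GetStream(), false))
        {
            try
            {
                // Same arguments as the call in the post (SslProtocols.Tls is TLS 1.0).
                stream.AuthenticateAsServer(cert, false, SslProtocols.Tls, true);
                Console.WriteLine("Handshake OK: {0}", stream.SslProtocol);
            }
            catch (Exception e) // IOException or AuthenticationException
            {
                Console.WriteLine("Handshake failed: {0}", e);
            }
        }
        listener.Stop();
    }
}
```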
