[Mono-list] Accessing secure site: x509 + basic authentication

Quintin Oliver quintin@billinglive.com
Tue, 02 Nov 2004 13:48:21 +0000 

Hi,

On Tue, 2004-11-02 at 12:51, Sebastien Pouliot wrote:
> Hi Oliver,
> 
> Some comments below. Please fill a bug report into bugzilla.ximian.com.
> 
> > I'm attempting to access a secured site using Mono, the site uses
> > certification (https) and basic authentication.
> 
> Are you using client-side certificates ? or only server-side ?
> If you're using client-side (like your code seems to) then why do you need a
> username/password ?

It's a client-side certificate, the username and password is used for
basic authentication which is also a requirement for the site.

> > When running my code I'm given the result:
> >
> > Error getting response stream: ReceiveFailure
> 
> You probably get a stack trace with an exception ?
> Could you add this in your bug report.
> 
> > After various attempts I decided to test the same code on SharpDevelop
> > with the MS Framework v1.1, this compiled fine and works (ie I get the
> > correct response from the server).  This suggests to me that the code is
> > fine however it's a bug relating to Mono?? Or am I deluding myself :S
> >
> > The code doesn't get as far as 'Console.WriteLine("Got Response");'
> >
> > Any advice appreciated!
> >
> > << Code Snippet >>
> >
> > // Service Point
> > ServicePointManager.CertificatePolicy = new MyPolicy();
> >
> > HttpWebRequest webRequest = (HttpWebRequest)
> > HttpWebRequest.Create("https://www.securesite.com/login");
> >
> > // Crendential Cache
> > credentialcache.Add(new Uri("https://www.securesite.com/login"), "Basic",
> > new System.Net.NetworkCredential("user", "password"));
> >
> > webRequest.Credentials = crendentialcache;
> >
> > 			X509Certificate x509 =
> > X509Certificate.CreateFromCertFile("/cert/mycert.cer");
> > 			webRequest.ClientCertificates.Add(x509);
> 
> You only have to supply a certificate for client-side SSL authentication.
> If this is the case then the code is incomplete for Mono - as Mono has no
> way to "detect" the private key associated with the certificate.

Ah, this would be the problem then.  Is there a work-around?

Many Thanks.

> > 			System.Net.HttpWebResponse response =
> > (HttpWebResponse)
> > webRequest.GetResponse();
> >
> > 			Console.WriteLine("Got GetResponse");
> >
> >
> >
> > 			System.IO.StreamReader reader = new
> > StreamReader(response.GetResponseStream());
> >
> > 			string HTML = reader.ReadToEnd();
> >
> > 			Console.WriteLine(responseHTML);
> >
> > 			response.Close();
> >
> > 			reader.Close();
> >
> > _______________________________________________
> > Mono-list maillist  -  Mono-list@lists.ximian.com
> > http://lists.ximian.com/mailman/listinfo/mono-list
> 
>