[Mono-list] https server

Sebastien Pouliot sebastien.pouliot at gmail.com
Thu Apr 27 08:31:22 EDT 2006


Hello Pere,

On Thu, 2006-04-27 at 08:49 +0200, Pere Rodríguez wrote:
> Hello Sebastien,
> 
> at the moment I don't use client certificate, 

Ah, the article you referenced confused me.

> I do:
> 
> xsp --https --port 443 --p12file cert.p12 --pkpwd
> 
> and it doesn't run ok, with firefox appears -12243 error.

Where ? on XSP console or in FireFox ?

> I test that with mono 1.1.13.4-1 it runs but with 1.1.13.6-3 it
> doesn't run. Xsp always is 1.1.13-1 version. I work with debian sid.
> 
> Some idea?

I recall a change was done to handle PKCS#12 empty password (but I'm
unsure when). Try generating a PKCS#12 file with a password.

> Thanks in advance,

No problem, but please continue to c.c. the mailing-list so all problems
(and solutions) can be indexed.

> pere
> 
> 
> 2006/4/24, Sebastien Pouliot <sebastien.pouliot at gmail.com>:
> > Hello Pere,
> >
> > I can do almost any steps in the wiki without problem. However it seems
> > that wget 1.10 changed it's SSL options and doesn't accept the
> > certificate as it used to (in version 1.9.1).
> >
> > Now, even then I do not get the same error as you are describing. This
> > may be due to how you created the certificates (and/or executed XSP).
> >
> > Also note that executing "wget https://estudion/cctest.aspx" doesn't
> > send any client certificate, so an error is normal if XSP is running
> > with the --https-client-require parameter.
> >
> > On Mon, 2006-04-24 at 09:45 +0200, Pere Rodríguez wrote:
> > > Hello,
> > >
> > > I'm testing http://www.mono-project.com/UsingClientCertificatesWithXSP
> > > example and when I execute wget https://localhost/cctest.aspx I obtain
> > > this error:
> > >
> > > prr at estudion:~/pki$ wget https://estudion/cctest.aspx
> > > --09:38:30--  https://estudion/cctest.aspx
> > >            => `cctest.aspx'
> > > S'està resolguent estudion... 127.0.0.1
> > > Connecting to estudion|127.0.0.1|:443... connexió establerta.
> > > OpenSSL: error:1408D078:SSL routines:SSL3_GET_KEY_EXCHANGE:bad rsa e length
> > > No s'ha pogut establir la connexió SSL.
> > >
> > > I created PKCS#12 with openssl and with makecert and the error always
> > > is the same.
> > >
> > > I also test http://pages.infinit.net/ctech/200411.html example and the
> > > error with wget is the same. With this example the mono error is:
> > >
> > > System.IO.IOException: The authentication or decryption has failed.
> > > ---> System.NotSupportedException: Operation is not supported.
> > > in [0x00005] (at
> > > /home/ingo/mono-1.1.13.6/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server/TlsServerKeyExchange.cs:51)
> > > Mono.Security.Protocol.Tls.Handshake.Server.TlsServerKeyExchange:Update
> > > ()
> > > in [0x00019] (at
> > > /home/ingo/mono-1.1.13.6/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs:663)
> > > Mono.Security.Protocol.Tls.RecordProtocol:InternalSendRecordCallback
> > > (IAsyncResult ar)--- End of inner exception stack trace ---
> > >
> > > in [0x00054] (at
> > > /home/ingo/mono-1.1.13.6/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslStreamBase.cs:107)
> > > Mono.Security.Protocol.Tls.SslStreamBase:AsyncHandshakeCallback
> > > (IAsyncResult asyncResult)
> > >
> > > Thanks in advance,
> > >
> > > pere
> > > _______________________________________________
> > > Mono-list maillist  -  Mono-list at lists.ximian.com
> > > http://lists.ximian.com/mailman/listinfo/mono-list
> > --
> > Sebastien Pouliot  <sebastien at ximian.com>
> > Blog: http://pages.infinit.net/ctech/
> >
> >
-- 
Sebastien Pouliot  <sebastien at ximian.com>
Blog: http://pages.infinit.net/ctech/



More information about the Mono-list mailing list