[Mono-list] Security issue w/Google

Newbie2910 speedup69 at comcast.net
Mon Aug 23 19:01:20 EDT 2010 

(yes, I have read and applied the Security FAQ).

 Need help understanding/installing certificates
I have a .Net app that I am running/developing on Mono on Ubunto 10.04. One
of the things it does is read Gmail data. Now I have read that I need to
install the Mozroots certificates, which I did.

I also installed the Gmail certificates, here's the output:
certmgr -ssl smtps://smtp.gmail.com:465Mono Certificate Manager - version
2.6.7.0
Manage X.509 certificates and CRL from stores.
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell. BSD
licensed.


X.509 Certificate v3
Issued from: C=US, O=Equifax, OU=Equifax Secure Certificate Authority
Issued to: C=US, O=Google Inc, CN=Google Internet Authority
Valid from: 6/8/2009 4:43:27 PM
Valid until: 6/7/2013 3:43:27 PM
*** WARNING: Certificate signature is INVALID ***
This certificate is already in the CA store.

X.509 Certificate v3
Issued from: C=US, O=Google Inc, CN=Google Internet Authority
Issued to: C=US, S=California, L=Mountain View, O=Google Inc,
CN=smtp.gmail.com
Valid from: 4/22/2010 4:02:45 PM
Valid until: 4/22/2011 4:12:45 PM
This certificate is already in the AddressBook store.

No certificate were added to the stores.



This is the error I get using the MonoDevelop debugger:
System.IO.IOException: The authentication or decryption has failed. --->
Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from
server. Error code: 0xffffffff80092012
at Mono.Security.Protocol.Tls.Handshake.Client.TlsSer
verCertificate.validateCertificates
(Mono.Security.X509.X509CertificateCollection certificates) [0x00000] in
<filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Client.TlsSer
verCertificate.ProcessAsTls1 () [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMess age.Process ()
[0x00000] in <filename unknown>:0
at (wrapper remoting-invoke-with-check)
Mono.Security.Protocol.Tls.Handshake.HandshakeMess agerocess ()
at Mono.Security.Protocol.Tls.ClientRecordProtocol.Pr ocessHandshakeMessage
(Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename
unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.Internal ReceiveRecordCallback
(IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHand shakeCallback
(IAsyncResult asyncResult) [0x00000] in <filename unknown>:0

This seems to indicate the Mono is getting an invalid certificate from
Google, is that right? If so, any idea how I can get a resolution?
-- 
View this message in context: http://mono.1490590.n4.nabble.com/Security-issue-w-Google-tp2335940p2335940.html
Sent from the Mono - General mailing list archive at Nabble.com.

More information about the Mono-list mailing list