[Mono-list] SslStream + mono == error
astromag
astromag4 at wp.pl
Mon Sep 13 13:44:56 EDT 2010
Hi,
I wrote a small test application of client-server type (TCP/IP, SSL).
Unfortunately it does not work under Linux (server on Linux, client on M$
Windows); on M$ Windows it works.
It turned out that the server stops in the AuthenticateAsServer method of the
SslStream class.
Server application:
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Cryptography.X509Certificates;

namespace ConsoleApplication1
{
    class Program
    {
        static void Main(string[] args)
        {
            try
            {
                TcpListener listener = new TcpListener(IPAddress.Any, 7777);
                listener.Start();
                // Server certificate with its private key, loaded from a PKCS#12 file.
                X509Certificate cert = new X509Certificate2("XServerCertificate.pfx", "0987654321");
                while (true)
                {
                    TcpClient client = listener.AcceptTcpClient();
                    SslStream sslStream = new SslStream(client.GetStream());
                    // The application stops at this method call.
                    // Arguments: no client certificate required, TLS only, no revocation check.
                    sslStream.AuthenticateAsServer(cert, false,
                        System.Security.Authentication.SslProtocols.Tls, false);
                    BinaryWriter writer = new BinaryWriter(sslStream, System.Text.Encoding.UTF8);
                    string s = "Witam :)";
                    writer.Write(s);
                    writer.Flush();
                    sslStream.Flush();
                    System.Threading.Thread.Sleep(500);
                    writer.Close();
                }
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
            }
        }
    }
}
Client Application:
using System;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Cryptography.X509Certificates;

namespace SslClient
{
    class Program
    {
        static void Main(string[] args)
        {
            TcpClient client = new TcpClient();
            client.Connect(IPAddress.Parse("127.0.0.1"), 7777);
            // CWC decides whether the server certificate is accepted.
            SslStream sslStream = new SslStream(client.GetStream(), false,
                new RemoteCertificateValidationCallback(Program.CWC));
            X509Certificate cert1 = new X509Certificate2("MyCa.cer");
            X509Certificate cert2 = new X509Certificate2("XServerCertificate.cer");
            X509Certificate[] certs = new X509Certificate[2];
            certs[0] = cert1;
            certs[1] = cert2;
            X509CertificateCollection cc = new X509CertificateCollection(certs);
            // Arguments: target host name, certificate collection, SSL 3.0, no revocation check.
            sslStream.AuthenticateAsClient("XServerCertificate", cc,
                System.Security.Authentication.SslProtocols.Ssl3, false);
            System.IO.BinaryReader reader = new System.IO.BinaryReader(sslStream, System.Text.Encoding.UTF8);
            Console.WriteLine(reader.ReadString());
            reader.Close();
            Console.WriteLine("Koniec");
            Console.ReadKey(false);
        }

        // Accepts the server certificate only when the platform reports no policy errors.
        static bool CWC(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors)
        {
            if (errors == SslPolicyErrors.None)
            {
                return true;
            }
            else
            {
                return false;
            }
        }
    }
}
I assume that the problem lies in the interpretation of certificates under Linux
(I have no problems with the same certificates under M$ Windows).
So far Google has not brought an answer.
The client's code started in mono 2.6.7 threw an error.
Unhandled Exception: System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server.
  at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates (Mono.Security.X509.X509CertificateCollection certificates) [0x00000] in <filename unknown>:0
  at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 () [0x00000] in <filename unknown>:0
  at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsSsl3 () [0x00000] in <filename unknown>:0
  at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0
  at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
  at Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0
  at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
  --- End of inner exception stack trace ---
  at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
I ask for help.
--
View this message in context: http://mono.1490590.n4.nabble.com/SslStream-mono-error-tp2537849p2537849.html
Sent from the Mono - General mailing list archive at Nabble.com.
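
Added example, not part of the original post: in SslStream.AuthenticateAsClient the certificate collection argument holds client certificates to offer to the server; it does not add trust anchors for validating the server. The sketch below shows a validation callback that accepts only chains ending at one private CA, assuming MyCa.cer (file name from the post) is the CA that issued the server certificate and publishes no revocation data. PinnedCaValidator and For are hypothetical names, and the code is written against the documented .NET API; behaviour on a particular Mono release is not verified here.

```csharp
using System;
using System.Linq;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper (not from the post): builds a callback pinned to one CA.
static class PinnedCaValidator
{
    public static RemoteCertificateValidationCallback For(X509Certificate2 trustedCa)
    {
        return (sender, cert, chain, errors) =>
        {
            if (cert == null)
                return false;

            // Only chain errors may be re-evaluated against the pinned CA.
            // A host-name mismatch or a missing certificate is always fatal.
            if ((errors & ~SslPolicyErrors.RemoteCertificateChainErrors) != SslPolicyErrors.None)
                return false;

            // Rebuild the chain with the private CA available as a candidate issuer.
            X509Chain pinned = new X509Chain();
            pinned.ChainPolicy.ExtraStore.Add(trustedCa);
            // Assumption: the private CA has no CRL/OCSP endpoint.
            pinned.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
            // Tolerate only "root not in the system store"; expiry, signature
            // and usage errors still make Build() return false.
            pinned.ChainPolicy.VerificationFlags =
                X509VerificationFlags.AllowUnknownCertificateAuthority;

            if (!pinned.Build(new X509Certificate2(cert)))
                return false;

            // AllowUnknownCertificateAuthority accepts any unknown root, so the
            // chain must be checked to end at exactly the pinned CA certificate.
            X509Certificate2 root =
                pinned.ChainElements[pinned.ChainElements.Count - 1].Certificate;
            return root.RawData.SequenceEqual(trustedCa.RawData);
        };
    }
}

// Usage in the client (stream is the connected NetworkStream):
//   var ca = new X509Certificate2("MyCa.cer");
//   var ssl = new SslStream(stream, false, PinnedCaValidator.For(ca));
//   ssl.AuthenticateAsClient("XServerCertificate");
```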