[Mono-list] SSL/TLS issue with Disqus.com
Joe Dluzen
jdluzen at gmail.com
Mon May 27 15:10:00 UTC 2013
It appears that Disqus is using Camellia 256 CBC. I don't think Mono has a
managed implementation of it, I did a quick search through the Github repo.
Message: 3
> Date: Mon, 27 May 2013 23:39:56 +1000
> From: Daniel Lo Nigro <lists at dan.cx>
> To: Alberto Le?n <leontiscar at gmail.com>
> Cc: "mono-list at lists.ximian.com" <Mono-list at lists.ximian.com>
> Subject: Re: [Mono-list] SSL/TLS issue with Disqus.com
> Message-ID:
> <
> CAB1r_+VcugCbP9ggRxtft8byuGmo-OLrbEDuXSJoe+xjAFQDvg at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> I have other apps connecting via HTTPS fine (including the Twitter API, I
> believe). I'm only having issues with Disqus.
>
>
> On Mon, May 27, 2013 at 11:37 PM, Alberto Le?n <leontiscar at gmail.com>
> wrote:
>
> > I find similar problem in Mono 3.0.4 in OpenSuse each time I used
> > LinqToTwitter or any library that connects with https
> >
> > But in Debian with Mono 3.0.3 I never found this problem.
> >
> > I suppose is at configuration level, but I don't have idea what is
> > necesary to change
> >
> >
> > 2013/5/27 Daniel Lo Nigro <lists at dan.cx>
> >
> >> Hi,
> >>
> >> My code is trying to connect to the Disqus API (https://disqus.com/),
> >> but I have started getting an "Invalid certificate received from server"
> >> error. I've tried running mozcerts --sync to load the latest Mozilla
> >> root CAs, and connecting to other SSL/TLS works fine. I am using Mono
> >> 3.0.7, but I encounter the same issue on Mono 3.0.10. Strangely, running
> >> tlstest doesn't output anything apart from the URL:
> >>
> >> 23:21 daniel at dan /tmp
> >> % mono tlstest.exe https://disqus.com/
> >>
> >> https://disqus.com/
> >>
> >> But it works fine for other servers:
> >> 23:22 daniel at dan /tmp
> >> % mono tlstest.exe https://google.com/
> >>
> >> https://google.com/
> >> [Subject]
> >> CN=*.google.com, O=Google Inc, L=Mountain View, S=California, C=US
> >> ...etc...
> >>
> >> Below is the exception I'm getting:
> >> System.Net.WebException: Error getting response stream (Write: The
> >> authentication or decryption has failed.): SendFailure
> >> ---> System.IO.IOException: The authentication or decryption has failed.
> >> ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate
> >> received from server. Error code: 0xffffffff800b010a
> >> at
> >>
> Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates
> >> (Mono.Security.X509.X509CertificateCollection certificates) [0x0009b] in
> >>
> /usr/local/src/mono-3.0.7/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:218
> >> at
> >>
> Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1
> >> () [0x00054] in
> >>
> /usr/local/src/mono-3.0.7/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:105
> >> at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process ()
> >> [0x00037] in
> >>
> /usr/local/src/mono-3.0.7/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake/HandshakeMessage.cs:105
> >> at (wrapper remoting-invoke-with-check)
> >> Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
> >> at
> >> Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage
> >> (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00039] in
> >>
> /usr/local/src/mono-3.0.7/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:81
> >> at
> >> Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback
> >> (IAsyncResult asyncResult) [0x00123] in
> >>
> /usr/local/src/mono-3.0.7/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs:397
> >> --- End of inner exception stack trace ---
> >> at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback
> >> (IAsyncResult asyncResult) [0x0002a] in
> >>
> /usr/local/src/mono-3.0.7/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslStreamBase.cs:100
> >> --- End of inner exception stack trace ---
> >> at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult)
> >> [0x00065] in
> >>
> /usr/local/src/mono-3.0.7/mcs/class/System/System.Net/HttpWebRequest.cs:926
> >> at System.Net.HttpWebRequest.GetResponse () [0x0000e] in
> >>
> /usr/local/src/mono-3.0.7/mcs/class/System/System.Net/HttpWebRequest.cs:932
> >> at ServiceStack.Text.WebRequestExtensions.GetStringFromUrl
> >> (System.String url, System.String acceptContentType, System.Action`1
> >> responseFilter) [0x00000] in <filename unknown>:0
> >> at ServiceStack.Text.WebRequestExtensions.GetJsonFromUrl
> (System.String
> >> url, System.Action`1 responseFilter) [0x00000] in <filename unknown>:0
> >> at Daniel15.BusinessLayer.Services.DisqusComments.Sync () [0x0001e] in
> >> c:\Users\Daniel\Documents\Visual Studio
> >>
> 2010\Projects\dan.cx_dotnet\Daniel15.BusinessLayer\Services\DisqusComments.cs:58
> >> at Daniel15.Cron.CronRunner.Run (System.String operation) [0x00021] in
> >> c:\Users\Daniel\Documents\Visual Studio
> >> 2010\Projects\dan.cx_dotnet\Daniel15.Cron\CronRunner.cs:24
> >> at Daniel15.Cron.CronRunner.Main (System.String[] args) [0x00000] in
> >> c:\Users\Daniel\Documents\Visual Studio
> >> 2010\Projects\dan.cx_dotnet\Daniel15.Cron\CronRunner.cs:11
> >>
> >> Any ideas?
> > --
> > https://twitter.com/AlbertCSharpMan
> > http://stackoverflow.com/users/690958/alberto-leon
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ximian.com/pipermail/mono-list/attachments/20130527/c32cc310/attachment.html>
More information about the Mono-list
mailing list