[Mono-list] HttpListener SSL client certificate

Edward Ned Harvey (mono) edward.harvey.mono at clevertrove.com
Thu Aug 7 15:21:17 UTC 2014

> From: mono-list-bounces at lists.ximian.com [mailto:mono-list-
> bounces at lists.ximian.com] On Behalf Of DrGusman
> I have installed the certificate using httpcfg and even with my own program,
> it installs correctly, the listener starts and serves HTTPS requests, but
> always asks for a client certificate.
> It does not happens on Windows/.net, only with Linux/mono (I'm using ver
> 3.4.0) and is very annoying, I don't want the user to be asked each time he
> tries to log in for a client certificate.

This might be unreleated - or might not - And this might be an additional problem that you haven't discovered yet but will soon - So please be sure to write back here, whatever you discover.

SslStream has a bug as follows:  A mono SslStream server fails to construct a cert chain to send to client.  MS .Net clients will perform heroics and generally succeed at constructing the cert chain locally anyway, but mono SslStream clients don't.  As a result, you can have a Mono SslStream Server fails to connect with a Mono SslStream client.  But as long as either the client or server is MS, then the connection works.

This has a bug in bugzilla, and a patch written, and a pull request waiting for review (for the last 2-3 months).  

Forked repo that has 3.4.0 including patch:

Pull request:

Prebuild packages built from the above forked repo:

More information about the Mono-list mailing list