[Mono-list] HttpListener SSL client certificate
Edward Ned Harvey (mono)
edward.harvey.mono at clevertrove.com
Thu Aug 7 15:21:17 UTC 2014
> From: mono-list-bounces at lists.ximian.com [mailto:mono-list-
> bounces at lists.ximian.com] On Behalf Of DrGusman
> I have installed the certificate using httpcfg and even with my own program,
> it installs correctly, the listener starts and serves HTTPS requests, but
> always asks for a client certificate.
> It does not happens on Windows/.net, only with Linux/mono (I'm using ver
> 3.4.0) and is very annoying, I don't want the user to be asked each time he
> tries to log in for a client certificate.
This might be unreleated - or might not - And this might be an additional problem that you haven't discovered yet but will soon - So please be sure to write back here, whatever you discover.
SslStream has a bug as follows: A mono SslStream server fails to construct a cert chain to send to client. MS .Net clients will perform heroics and generally succeed at constructing the cert chain locally anyway, but mono SslStream clients don't. As a result, you can have a Mono SslStream Server fails to connect with a Mono SslStream client. But as long as either the client or server is MS, then the connection works.
This has a bug in bugzilla, and a patch written, and a pull request waiting for review (for the last 2-3 months).
Forked repo that has 3.4.0 including patch:
Prebuild packages built from the above forked repo:
More information about the Mono-list