[Mono-list] HttpListener SSL client certificate

Edward Ned Harvey (mono) edward.harvey.mono at clevertrove.com
Fri Aug 8 14:27:27 UTC 2014


> From: mono-list-bounces at lists.ximian.com [mailto:mono-list-
> bounces at lists.ximian.com] On Behalf Of DrGusman
> 
> I will add the patches you said on the previous postto my mono branch and
> will give it a try, if found it's really unstable or troublesome then I will
> use one of my backup plans, add a nginx router which will do the ssl
> decryption or using also nginx connect through FastCGI.

Oh yeah.  I would expect, if you want to run C# on a web server, it's almost certainly best for you to do some of the ASP stuff, fastcgi, or similar.  In other words, let a real web server be the web server, because they're focused on making web servers stable, secure, and supportable.


> I hope with the Xamarin boom the mono project get more alive as novell left
> it semi abandoned when was sold, the las 3.7 mono version is really a giant
> leap and Miguel and it's team seem to be working really hard (I am also a
> Xamarin customer, got MT and MD).

Maybe.  But I'm doubtful.  It seems to me that Xamarin is focused only on mobile devices and basically nothing else.  (Even coverage for mono on OSX is very sparse.)


> I'm curious, what do you plan to do to stop using the SslSocket?

We need to make at least a small research project into that.  I'm guessing it will probably be Bouncy Castle.  Not 100% sure yet.  Perhaps openssl - but since they're really C++ with a crude managed wrapper around it, we might not use openssl for that reason.  Bouncy Castle is at least *meant* to be managed code, but I recently uncovered a kind of major flaw with their SecureRandom, which apparently gets used all over the place, so we'll see.  Like I said, haven't made up our minds yet.


More information about the Mono-list mailing list