SslStream troubles

Question

0.00/5 (No votes)

See more:

I have an client/server solution into which I am trying to shoehorn SslStream. Everything looks good to me(obviously), but whenever my callback to BeginAuthenticateAsClient() is called, I get the message "The remote certificate is invalid according to the validation procedure."

Now, I've checked and re-checked my Personal certificate and the Trusted Root Certificate Authority certificate I used to create the Personal certificate that my server code uses. Both of them show as valid, the Personal certificate has a private key and the Personal cert "points" to the Trusted Root certificate. In my server code I open an X509Store to the LocalMachine store, which is where my certs are located. I find the Personal cert and create a local X509Certificate variable (_certificate = new X509Certificate(foundCert.RawData);) In the callback to BeginAuthenticateAsServer(), my call to EndAuthenticateAsServer(result) succeeds. But on the client side (running on the same PC, I might add), my call to EndAuthenticateAsClient(result) returns the error above.

Can someone who has expertise in this area give me some pointers to things I may have done incorrectly, please?

Posted 25-Oct-10 10:59am

TimWallace

Add a Solution

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

DaveyM69 · Answer 1 · 2010-10-25T12:37:00

Solution 1

I'm no expert in this area but I've never had a problem using SSL streams.

Which SslStream constructor are you using? I would suggest using one that takes a RemoteCertificateValidationCallback delegate so you can check any policy errors if you're not already.

Posted 25-Oct-10 12:37pm

DaveyM69

TimWallace · Answer 2 · 2010-10-26T09:42:00

Solution 2

I'm getting the "RemoteCertificateNameMismatch" error. I'm not sure if it's because my test Client is running on the same machine as my test Server, since the local name for the PC is different than what the external DNS entry is (and the CN value I used when I created my test certificate).

Posted 26-Oct-10 9:42am

TimWallace

Comments

DaveyM69 22-Nov-10 18:51pm

Hi Tim, I never got a notification of your post because you added it as an answer instead of a comment!
Did you sort this out? If not, add a comment to my post and I'll help you through it.