I've followed the steps in
http://www.mono-project.com/UsingClientCertificatesWithXSP to create a
root certificate and a client certificate (instead of generating a .p12,
I created a .pvk and a .cer) and then used the "client" certificate as
my server's.

Then I created a small program (attached hl.cs) and ran **Mono's**
httpcfg to associate the certificate with port 9667. Everything worked
just fine with Mono (and on .NET, since I didn't use their httpcfg, you
get a connection reset error).

See the screenshot at http://gonzalo.name/tmp/httplistener2.png

-Gonzalo


On Sun, 2010-09-05 at 22:11 -0700, salar2k wrote:
> I'm trying to use Mono HttpListener but after some tests I'm running into an
> issue with HTTPS.
> The project works well with simple http requests but just doesn't serve
> https.
> 
> Here is what I've done to use it (win7), first try to create certificate
> files:
> 
> makecert -r -pe -n "CN=SALARPC" -b 01/01/2000 -e 01/01/2040 -eku
> 1.3.6.1.5.5.7.3.1 -ss my -sr localMachine -sky exchange -sp "Microsoft RSA
> SChannel Cryptographic Provider" -sy 12 -sv local.pvk local.cer
> 
> (this is Microsoft's makecert application)
> 
> I've created certificates without a password.
> And registration of the files to the port:
> 
> httpcfg -add -port 9667 -pvk local.pvk -cert local.cer
> 
> All is done successfully.
> Unfortunately it doesn't respond on the https port.
> (note: actually httpcfg copies cer and pvk files for port 9667 to here:
> C:\Users\USERNAME\AppData\Roaming\.mono\httplistener)
> 
> Second try with openssl and pvktool:
> 
>     openssl genrsa -des3 -out localhost.pem 2048
>     openssl rsa -in localhost.pem -out localhost.pem.nopass
>     openssl req -new -key localhost.pem.nopass -out localhost.csr
>     
>     pvk -in localhost.pem.nopass -topvk -nocrypt -out localhost.pvk
>     
>     httpcfg -del -port 9667
>     httpcfg -add -port 9667 -pvk localhost.pvk -cert localhost.crt
> 
> Still no luck with httplistener and https!
> 
> Debugging the mono code I realize that it throws internally an exception
> during reading the request (HttpConnection.cs) which says "The
> authentication or decryption has failed.":
> 
>     System.IO.IOException was caught
>       Message=The authentication or decryption has failed.
>       Source=Mono.HttpListener
>       StackTrace:
>            at Mono.Security.Protocol.Tls.SslStreamBase.EndRead(IAsyncResult
> asyncResult)
>            at Mono.Net.HttpConnection.OnRead(IAsyncResult ares)
>       InnerException: Mono.Security.Protocol.Tls.TlsException
>            Message=A message could not be decoded because some field was out
> of the specified range or the length of the message was incorrect.
>            Source=Mono.HttpListener
> 
> Am I doing something wrong? What's the problem?
> Or is this a bug?
> [Mono-2.6.7 - windows 7]
> 

using System;
using System.IO;
using System.Net;

namespace ConsoleApplication1 {
	class Class1 {
		static void Main ()
		{
			HttpListener l = new HttpListener ();
			l.Prefixes.Add ("https://*:9667/");
			l.Start ();
			l.BeginGetContext (OnGetContext, l);
			Console.ReadLine ();
		}

		static void OnGetContext (IAsyncResult ares)
		{
			HttpListener l = ares.AsyncState as HttpListener;
			if (l == null)
				return;

			try {
				HttpListenerContext ctx = l.EndGetContext (ares);
				Console.WriteLine ("Got request");
				l.BeginGetContext (OnGetContext, l);
				using (StreamWriter writer = new StreamWriter (ctx.Response.OutputStream)) 
					writer.Write ("Hello world!");
				ctx.Response.Close ();
				Console.WriteLine ("Sent request");
			} catch (Exception e) {
				Console.WriteLine (e);
				Environment.Exit (1);
			}
		}
	}
}
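
Added example, not part of the original thread or of Mono's own code: a pre-flight check that the certificate and PVK file registered for a port belong to the same RSA key pair and that the certificate is within its validity period, before debugging the TLS handshake itself. It assumes the copies in the httplistener directory mentioned above are named `<port>.cer` and `<port>.pvk`, and that the PVK is unencrypted as in the thread; the class name is hypothetical.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using Mono.Security.Authenticode; // PrivateKey (PVK reader) from Mono.Security.dll

class CheckListenerCert {
	// True when both keys have the same RSA modulus and public exponent.
	static bool SamePublicKey (RSA a, RSA b)
	{
		RSAParameters pa = a.ExportParameters (false);
		RSAParameters pb = b.ExportParameters (false);
		return Convert.ToBase64String (pa.Modulus) == Convert.ToBase64String (pb.Modulus)
			&& Convert.ToBase64String (pa.Exponent) == Convert.ToBase64String (pb.Exponent);
	}

	static int Main (string [] args)
	{
		string port = args.Length > 0 ? args [0] : "9667";
		// Directory named in the thread: <ApplicationData>/.mono/httplistener
		string dir = Path.Combine (Path.Combine (
			Environment.GetFolderPath (Environment.SpecialFolder.ApplicationData),
			".mono"), "httplistener");
		// Assumption: the copies are named <port>.cer and <port>.pvk.
		string cerFile = Path.Combine (dir, port + ".cer");
		string pvkFile = Path.Combine (dir, port + ".pvk");
		if (!File.Exists (cerFile) || !File.Exists (pvkFile)) {
			Console.WriteLine ("Missing {0} or {1}", cerFile, pvkFile);
			return 2;
		}

		X509Certificate2 cert = new X509Certificate2 (cerFile);
		RSA certKey = cert.PublicKey.Key as RSA;
		RSA privKey = PrivateKey.CreateFromFile (pvkFile).RSA;
		if (certKey == null || privKey == null) {
			Console.WriteLine ("Certificate or PVK does not hold an RSA key");
			return 2;
		}

		DateTime now = DateTime.Now;
		bool inDate = now >= cert.NotBefore && now <= cert.NotAfter;
		bool match = SamePublicKey (certKey, privKey);
		Console.WriteLine ("Subject: {0}", cert.Subject);
		Console.WriteLine ("Within validity period: {0}", inDate);
		Console.WriteLine ("Private key matches certificate: {0}", match);
		return (inDate && match) ? 0 : 1;
	}
}
```

Compile it against Mono.Security (for example `mcs -r:Mono.Security CheckListenerCert.cs`) and run it as the same user that starts the listener, since the directory is per-user.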

_______________________________________________
Mono-devel-list mailing list
Mono-devel-list@lists.ximian.com
http://lists.ximian.com/mailman/listinfo/mono-devel-list
