On Thu, 2011-05-19 at 07:12 -0700, jpros wrote: > Sorry for revive this thread, but I'm having the same problem. > > I'm using CentOS with mono 2.10.2 as server and Windows XP as client. > > My Code > > > Socket socket = tcp.AcceptSocket(); > > X509Certificate certificado = > > X509Certificate.CreateFromCertFile("dg1.cer"); > > ns = new SslStream(new NetworkStream(socket)); > > ns.AuthenticateAsServer(certificado); > > When the service is going Authenticate it throws the same exception of > Richter's code. > > System.IO.IOException: The authentication or > > decryption has failed. ---> > > > Mono.Security.Protocol.Tls.TlsException: Server > > certificate Private Key > > > I created a certificate by Apple KeyChain but didn't work, after read a lot, > I created a certificate by Mono makecert and I added the certificate to mono > certmgr trust store, but didn't work too. > > I don't know what can I do to solve my problem.
You are confusing issues. The common trust issue is (mostly) a client issue, i.e. the client must trust the certificate that a server is using in order for SSL to be useful. Now your client is on Windows XP (not sure it's running Mono or not [1]). Your code is server code (which is executed on centos, right?) and the exception you're seeing is about the (missing) private key (not a trust issue) [2]. This happens because the .cer file (that you're feeding to your server) is *only* a certificate. A X.509 certificate includes the public key (good enough for the client in this case) but does *NOT* include the private key, which the server requires to establish a secure channel with the client. One way to solve this is using Mono's makecert and generate a pkcs#12 file (i.e. which includes both the certificate(s) and the private key) and use this in your server code. A recent thread [3] includes more details Sebastien [1] when asking for help please provide all details, e.g. .net runtime used (e.g. on windows), mono versions [2] googling "Mono AuthenticateAsServer" would have pointed this out [3] http://comments.gmane.org/gmane.comp.gnome.mono.general/42060 _______________________________________________ Mono-devel-list mailing list Mono-devel-list@lists.ximian.com http://lists.ximian.com/mailman/listinfo/mono-devel-list