On Tue, Mar 18, 2014 at 6:33 AM, Edward Ned Harvey (mono) < edward.harvey.m...@clevertrove.com> wrote:
> > From: Sebastien Pouliot [mailto:sebastien.poul...@gmail.com] > > > >> var mySslStream = new SslStream > (client.GetStream(), false, > >> ValidateServerCertificate); > > > > if you read the source [1] (or look at the API compatibility page [2]) > you'll see > > that this .ctor is decorated with > > > > [MonoTODO ("userCertificateValidationCallback is not passed X509Chain and > > SslPolicyErrors correctly")] > > > > Changing it to > > > > var mySslStream = new SslStream (client.GetStream(), false); > > > > *and* having run `mozroots` will work. > > Thank you for this information, but it causes me an equally significant > problem. I need to accept the server cert if it passes validation with > mozroots, but if that fails, then I need to get user input to determine if > they'll accept the cert. > > I guess the best way to do this will be to first create the SslStream and > AuthenticateAsClient, and simply wait to see if it succeeds. If it fails, > then throw it away, create a new SslStream with > RemoteCertificateValidationCallback, and ignore the X509Chain and > SslPolicyErrors, just simply present the certificate to user. > > Any better ideas? > Contribute! :-) > > Thanks again, for your very prompt and helpful response. :-) >
_______________________________________________ Mono-devel-list mailing list Mono-devel-list@lists.ximian.com http://lists.ximian.com/mailman/listinfo/mono-devel-list