Hi, I wrote a small application (test) of the client-server type (TCP/IP, SSL). Unfortunately it does not work under Linux (server on Linux, client on M$ Windows); in M$ Windows it works. It turned out that the server stops in the AuthenticateAsServer method of the SslStream class.

Server application:

    using System;
    using System.IO;
    using System.Net;
    using System.Net.Security;
    using System.Net.Sockets;
    using System.Security.Cryptography.X509Certificates;

    namespace ConsoleApplication1
    {
        class Program
        {
            static void Main(string[] args)
            {
                try
                {
                    TcpListener listener = new TcpListener(IPAddress.Any, 7777);
                    listener.Start();
                    X509Certificate cert = new X509Certificate2("XServerCertificate.pfx", "0987654321");
                    while (true)
                    {
                        TcpClient client = listener.AcceptTcpClient();
                        SslStream sslStream = new SslStream(client.GetStream());
                        // The application stops in this method
                        sslStream.AuthenticateAsServer(cert, false, System.Security.Authentication.SslProtocols.Tls, false);
                        BinaryWriter writer = new BinaryWriter(sslStream, System.Text.Encoding.UTF8);
                        string s = "Witam :)";
                        writer.Write(s);
                        writer.Flush();
                        sslStream.Flush();
                        System.Threading.Thread.Sleep(500);
                        writer.Close();
                    }
                }
                catch (Exception e)
                {
                    Console.WriteLine(e.Message);
                }
            }
        }
    }

Client application:

    using System;
    using System.Net;
    using System.Net.Security;
    using System.Net.Sockets;
    using System.Security.Cryptography.X509Certificates;

    namespace SslClient
    {
        class Program
        {
            static void Main(string[] args)
            {
                TcpClient client = new TcpClient();
                client.Connect(IPAddress.Parse("127.0.0.1"), 7777);
                SslStream sslStream = new SslStream(client.GetStream(), false, new RemoteCertificateValidationCallback(Program.CWC));
                X509Certificate cert1 = new X509Certificate2("MyCa.cer");
                X509Certificate cert2 = new X509Certificate2("XServerCertificate.cer");
                X509Certificate[] certs = new X509Certificate[2];
                certs[0] = cert1;
                certs[1] = cert2;
                X509CertificateCollection cc = new X509CertificateCollection(certs);
                sslStream.AuthenticateAsClient("XServerCertificate", cc, System.Security.Authentication.SslProtocols.Ssl3, false);
                System.IO.BinaryReader reader = new System.IO.BinaryReader(sslStream, System.Text.Encoding.UTF8);
                Console.WriteLine(reader.ReadString());
                reader.Close();
                Console.WriteLine("Koniec");
                Console.ReadKey(false);
            }

            static bool CWC(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors)
            {
                if (errors == SslPolicyErrors.None)
                {
                    return true;
                }
                else
                {
                    return false;
                }
            }
        }
    }

I assume that the problem lies in the interpretation of certificates under Linux (I have no problems with the same certificates under M$ Windows). So far Google has not brought an answer. The client's code, started in Mono 2.6.7, threw an error:

    Unhandled Exception: System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server.
      at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates (Mono.Security.X509.X509CertificateCollection certificates) [0x00000] in <filename unknown>:0
      at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 () [0x00000] in <filename unknown>:0
      at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsSsl3 () [0x00000] in <filename unknown>:0
      at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0
      at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
      at Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0
      at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
      --- End of inner exception stack trace ---
      at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0

I ask for help.

--
View this message in context: http://mono.1490590.n4.nabble.com/SslStream-mono-error-tp2537849p2537849.html
Sent from the Mono - General mailing list archive at Nabble.com.
_______________________________________________
Mono-list maillist - Mono-list@lists.ximian.com
http://lists.ximian.com/mailman/listinfo/mono-list
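
An added diagnostic, not code from the original post: a validation callback with the same accept/reject decision as the `CWC` method above, which writes the `SslPolicyErrors` flags and the per-certificate chain status before rejecting, so the reason a certificate was refused can be read from the output. The names `CertDiagnostics`, `Describe` and `Validate` are hypothetical, and the flags passed in `Main` are constructed sample input.

```csharp
using System;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class CertDiagnostics
{
    // Builds a readable report of why validation failed. cert and chain may
    // be null (for example when RemoteCertificateNotAvailable is set).
    public static string Describe(X509Certificate cert, X509Chain chain, SslPolicyErrors errors)
    {
        StringBuilder sb = new StringBuilder();
        sb.AppendLine("SslPolicyErrors: " + errors);
        sb.AppendLine("Subject: " + (cert == null ? "<none>" : cert.Subject));
        sb.AppendLine("Issuer:  " + (cert == null ? "<none>" : cert.Issuer));
        if (chain != null)
        {
            foreach (X509ChainElement element in chain.ChainElements)
            {
                sb.AppendLine("Chain element: " + element.Certificate.Subject);
                foreach (X509ChainStatus status in element.ChainElementStatus)
                    sb.AppendLine("  " + status.Status + ": " + status.StatusInformation);
            }
            foreach (X509ChainStatus status in chain.ChainStatus)
                sb.AppendLine("Chain status: " + status.Status + ": " + status.StatusInformation);
        }
        return sb.ToString();
    }

    // Same signature as RemoteCertificateValidationCallback: accepts only when
    // no policy error is set, and reports the reason before rejecting.
    public static bool Validate(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors)
    {
        if (errors == SslPolicyErrors.None)
            return true;
        Console.Error.Write(Describe(cert, chain, errors));
        return false;
    }

    static void Main()
    {
        // Constructed input: flags for a name mismatch plus a chain error.
        SslPolicyErrors sample = SslPolicyErrors.RemoteCertificateNameMismatch
                               | SslPolicyErrors.RemoteCertificateChainErrors;
        bool accepted = Validate(null, null, null, sample);
        Console.WriteLine("accepted = " + accepted);
    }
}
```

To use it in the client, pass `new RemoteCertificateValidationCallback(CertDiagnostics.Validate)` to the `SslStream` constructor in place of `Program.CWC`.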