Are you using a "valid" certificate? Valid means: a "real certificate", the one that came from a certification authority. Not valid means: a certificate issued by yourself. In that case you must build an "accept all certificates routine", one that can trust valid (from certification authorities) and invalid (your own issued) certificates.
Take a look at http://blog.jameshiggs.com/2008/05/01/c-how-to-accept-an-invalid-ssl-certificate-programmatically/ or google for a solution: http://www.google.it/search?hl=&q=%2Baccept+%2Buntrusted+%2Bcertificates+%2B"c%23"

Hi,
Aldus.

On 13/09/2010 19.44, astromag wrote:
> Hi,
> I wrote a small application (test) of type client - server (Tcp/Ip, SSL).
> Unfortunately it does not work under Linux (server on Linux - client on M$
> Windows), in M$ Windows it works.
> It turned out, that server stops on method AuthenticateAsServer of class
> SslStream.
>
> Server application:
> using System;
> using System.IO;
> using System.Net;
> using System.Net.Security;
> using System.Net.Sockets;
> using System.Security.Cryptography.X509Certificates;
>
> namespace ConsoleApplication1
> {
>     class Program
>     {
>         static void Main(string[] args)
>         {
>             try
>             {
>                 TcpListener listener = new TcpListener(IPAddress.Any, 7777);
>                 listener.Start();
>
>                 X509Certificate cert = new X509Certificate2("XServerCertificate.pfx", "0987654321");
>
>                 while (true)
>                 {
>                     TcpClient client = listener.AcceptTcpClient();
>                     SslStream sslStream = new SslStream(client.GetStream());
>
>                     // The application stops on this method call
>                     sslStream.AuthenticateAsServer(cert, false, System.Security.Authentication.SslProtocols.Tls, false);
>                     BinaryWriter writer = new BinaryWriter(sslStream, System.Text.Encoding.UTF8);
>                     string s = "Witam :)";
>                     writer.Write(s);
>                     writer.Flush();
>                     sslStream.Flush();
>                     System.Threading.Thread.Sleep(500);
>                     writer.Close();
>                 }
>             }
>             catch (Exception e)
>             {
>                 Console.WriteLine(e.Message);
>             }
>         }
>     }
> }
>
> Client Application:
> using System;
> using System.Net;
> using System.Net.Security;
> using System.Net.Sockets;
> using System.Security.Cryptography.X509Certificates;
>
> namespace SslClient
> {
>     class Program
>     {
>         static void Main(string[] args)
>         {
>             TcpClient client = new TcpClient();
>             client.Connect(IPAddress.Parse("127.0.0.1"), 7777);
>             SslStream sslStream = new SslStream(client.GetStream(), false,
>                 new RemoteCertificateValidationCallback(Program.CWC));
>             X509Certificate cert1 = new X509Certificate2("MyCa.cer");
>             X509Certificate cert2 = new X509Certificate2("XServerCertificate.cer");
>             X509Certificate[] certs = new X509Certificate[2];
>             certs[0] = cert1;
>             certs[1] = cert2;
>             X509CertificateCollection cc = new X509CertificateCollection(certs);
>
>             sslStream.AuthenticateAsClient("XServerCertificate", cc,
>                 System.Security.Authentication.SslProtocols.Ssl3, false);
>
>             System.IO.BinaryReader reader = new System.IO.BinaryReader(sslStream, System.Text.Encoding.UTF8);
>
>             Console.WriteLine(reader.ReadString());
>             reader.Close();
>
>             Console.WriteLine("Koniec");
>             Console.ReadKey(false);
>         }
>
>         static bool CWC(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors)
>         {
>             if (errors == SslPolicyErrors.None)
>             {
>                 return true;
>             }
>             else
>             {
>                 return false;
>             }
>         }
>     }
> }
>
> I assume, that problem lies in interpretation of certificates under Linux
> (I have no problems with the same certificates under M$ Windows).
>
> So far Google did not bring answer.
>
> Client's code started in mono 2.6.7 threw out an error.
> Unhandled Exception: System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server.
>   at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates (Mono.Security.X509.X509CertificateCollection certificates) [0x00000] in <filename unknown>:0
>   at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 () [0x00000] in <filename unknown>:0
>   at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsSsl3 () [0x00000] in <filename unknown>:0
>   at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0
>   at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
>   at Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0
>   at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
>   --- End of inner exception stack trace ---
>   at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
>
> I ask for help.

--
------------------------------------------------------------------
"If you are thinking one year ahead, sow seed.
If you are thinking ten years ahead, plant a tree.
If you are thinking one hundred years ahead, educate the people."

Kuan Tze, Chinese poet, 400 B.C.

_______________________________________________
Mono-list maillist - Mono-list@lists.ximian.com
http://lists.ximian.com/mailman/listinfo/mono-list
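
For the self-issued certificate case discussed in this thread, a narrower alternative to an accept-all routine, as an added example that is not part of the original messages: the validation callback accepts a certificate the platform rejects only when it is byte-for-byte the pinned XServerCertificate.cer. The class and method names are hypothetical; the file name, host and port are taken from the post.

```csharp
using System;
using System.IO;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class PinnedSslClient   // hypothetical name, not from the post
{
    // Public certificate of the server, shipped with the client (file name from the post).
    static readonly X509Certificate2 Pinned = new X509Certificate2("XServerCertificate.cer");

    // Accepts a certificate the platform already trusts, or exactly the pinned one.
    static bool ValidatePinned(object sender, X509Certificate cert,
                               X509Chain chain, SslPolicyErrors errors)
    {
        if (errors == SslPolicyErrors.None)
            return true;                       // CA-issued and the name matches
        if (cert == null)
            return false;                      // server sent no certificate

        byte[] presented = cert.GetRawCertData();
        byte[] expected = Pinned.RawData;
        if (presented.Length != expected.Length)
            return false;
        for (int i = 0; i < expected.Length; i++)
            if (presented[i] != expected[i])
                return false;                  // any other untrusted certificate is refused

        // Pinning bypasses the chain check, so enforce the validity period here.
        DateTime now = DateTime.Now;
        return now >= Pinned.NotBefore && now <= Pinned.NotAfter;
    }

    static void Main()
    {
        using (TcpClient client = new TcpClient("127.0.0.1", 7777))
        using (SslStream ssl = new SslStream(client.GetStream(), false, ValidatePinned))
        {
            // Default protocol selection; the server certificate is checked in ValidatePinned.
            ssl.AuthenticateAsClient("XServerCertificate");
            BinaryReader reader = new BinaryReader(ssl, Encoding.UTF8);
            Console.WriteLine(reader.ReadString());
        }
    }
}
```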