http://bugzilla.novell.com/show_bug.cgi?id=584050
http://bugzilla.novell.com/show_bug.cgi?id=584050#c0 Summary: ServerCertificateValidationCallback receives wrong certificate chain Classification: Mono Product: Mono: Class Libraries Version: unspecified Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: System AssignedTo: [email protected] ReportedBy: [email protected] QAContact: [email protected] Found By: --- Blocker: --- To allow the user to plug his authentication system for server certificates, we need to provide a valid X509Chain. Instead we provide an empty chain that only contains the leaf certificate to our callback routines. The following sample should be printing "Chain: 3", but in Mono it prints "Chain: 1". This is printed regardless of having or not having the mozroot certificates. This is problematic, as this is what is required on the iPhone to use the system certificates, but we do need to provide the chain to the Apple APIs to be able to be able to get a valid answer from SecTrustEvaluate. using System; using System.Net; using System.Security.Cryptography.X509Certificates; using System.Net.Security; public class Program { public static bool CheckValidationResult (object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors) { Console.WriteLine ("Error: {0}", errors); Console.WriteLine ("Chain: {0}", chain.ChainElements.Count); return true; } static void Main () { ServicePointManager.ServerCertificateValidationCallback = Checkvalidationresult; HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create("https://gmail.com";); request.GetResponse (); } -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug. You are the assignee for the bug. _______________________________________________ mono-bugs maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-bugs
