Hi, since I had troubles with getting client certificate auth to work, I wonder if you have the same issue. Have you implemented the certificate selection? Otherwise it will not send the certificate, see: https://github.com/meebey/SmartIrc4net/commit/6fe9baba17a2f050cd792f6b452feffa91a9bf9f
Best regards, Mirco (meebey) Bauer FOSS Hacker mee...@meebey.net https://www.meebey.net/ Debian Developer mee...@debian.org http://www.debian.org/ GNOME Foundation Member mmmba...@gnome.org http://www.gnome.org/ CTO @ Gatecoin Ltd. mi...@gatecoin.com https://gatecoin.com/ .NET Foundation Advisory Council Member http://www.dotnetfoundation.org/ PGP-Key ID 0x7127E5ABEEF946C8 https://meebey.net/pubkey.asc On Thu, Jul 27, 2017 at 8:50 PM, ashr <a...@ashr.net> wrote: > Hi guys, > > I've been trying to connect to a threat repository to suck intel feeds > down with Mono. The interface use a client certificate and basic auth to > validate the connection. > > I've played with mono versions from the version that comes with Xenial, > all the way through to Mono JIT compiler version 5.0.1.1. The furthest > I've come was on the latest version, I can see it at least tries to speak TLS > 1.2, but something goes wrong before the Client Key Exchange, (so I'm > guessing > the Server Key exchange fails, wild guess from wireshark caps, I'm not an > expert in SSL handshakes). > > > This is the code I'm using to set this connection > up:*https://pastebin.com/Ei3bsjdF > <https://pastebin.com/Ei3bsjdF>* > > * The MyRemoteCertificateValidationCallback validates the server cert > without error and Mono seems to add the client certificate to the request > just fine as well. > > A paste with the error that occurs during runtime (SecureChannelFailure > (Syscall)): *https://pastebin.com/sUXQf9KF > <https://pastebin.com/sUXQf9KF>* > > Screenshot of wireshark cap of the connection process: > *https://imagebin.ca/v/3UjPy99nEI94 > <https://imagebin.ca/v/3UjPy99nEI94>* > > Screenshot of a wireshark cap of a working connection through python > (Using the same client side certificate connecting to same backend): > *https://imagebin.ca/v/3UjQdz43jKSQ > <https://imagebin.ca/v/3UjQdz43jKSQ>* > > > When I get some time tonight and during the weekend, I'll try set up a > server with client side auth and test it locally as well, but if any of you > gurus have an idea of what is going wrong or how to troubleshoot further, > please let me know ? > > > Many thanks > > ash > > _______________________________________________ > Mono-devel-list mailing list > Mono-devel-list@lists.dot.net > http://lists.dot.net/mailman/listinfo/mono-devel-list > >
_______________________________________________ Mono-devel-list mailing list Mono-devel-list@lists.dot.net http://lists.dot.net/mailman/listinfo/mono-devel-list