Hi All, I am working on migrating my .NET based windows service to mono and linux.
I am using SslStream and its BeginAuthenticateServer method. Exception: The authentication or decryption has failed. Inner Exception: Server certificate Private Key unavailable. at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientKeyExchange.ProcessAsSsl3 () [0x00000] in <filename unknown>:0 at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0 at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process () at Mono.Security.Protocol.Tls.ServerRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0 at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0 [http://lists.ximian.com/pipermail/mono-list/2007-February/034278.html] I see that Sebastien has pointed out using alternate Mono.Security.Protocol.Tls.SslServerStream class, and its delegate to fetch private key. (because of difference between linux vs. windows handling of certs.) What is next? Just use the server certificate from SslServerStream property, and dispose the stream? And continue using original Microsoft SslStream? Or I just have to use Mono's SslServerStream and manually write read "any/irrelevant" data to proceed with authentication? I am using PFX file. I did include private key. So, Do I even need to use the delegate to load private key separately?? (How can I debug whether the loaded X509Certificate instance has the private key loaded.) I have also tried this with a Verisign issued real certificate. But since that entire thing including export was done on Windows, I tried my code with self-signed (linux - openssl) cert. Thanks, Chirag _______________________________________________ Mono-list maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-list
