This is frustrating me to no end.  Can anybody shed any light?

I have a server and client application, using signed trusted cert, and it all 
works fine on windows.  I understand (but I'm surprised) that mono trusts no 
root CA's, so you have to "mozroots --import --sync" if you want to change 
that.  And I confirm after doing that, I have a bunch of stuff under 
~/.config/.mono/certs/Trust/   ...  But still, the client is rejecting the 
server cert.

To eliminate possibility of errors with my cert, or server behavior etc, I have 
done this:  A really simple program to connect to a https website and see if 
SSL is working..

This still has SslPolicyErrors RemoteCertificateNotAvailable

using System;
using System.Net;
using System.Net.Sockets;
using System.Net.Security;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;

namespace FunWithSsl
{
                class MainClass
                {
                                public static void Main (string[] args)
                                {
                                                string targetHost = 
"verisign.com";
                                                IPAddress[] addresses = 
Dns.GetHostAddresses (targetHost);
                                                var client = new TcpClient ();
                                                client.Connect (addresses 
[0],443);
                                                var mySslStream = new SslStream 
(client.GetStream(), false, ValidateServerCertificate);
                                                
mySslStream.AuthenticateAsClient (targetHost, null, SslProtocols.Tls, false);
                                                System.Console.WriteLine 
("Finished");
                                }
                                private static bool 
ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain 
chain, SslPolicyErrors sslPolicyErrors)
                                {
                                                return true;
                                }
                }
}
_______________________________________________
Mono-list maillist  -  [email protected]
http://lists.ximian.com/mailman/listinfo/mono-list

Reply via email to