> From: [email protected] [mailto:mono-list- > [email protected]] On Behalf Of Darkness > > Transport security is working fine with basicHttpBinding, but when I set the > transport client credential type to certificate, the client authentication > does not seem to work on mono. (all certificates are in place)
There is a bunch of stuff related to SSL and TLS that is broken, and currently under development. I suspect you're probably bumping into it. I suggest you re-post your question to the mono-dev list - but first look at the archives and look for recent posts from Martin Baulig, on Nov 3 and Oct 26. Also see Miguel's blog post http://tirania.org/blog/archive/2015/Aug-27.html There are a different set of compatibility issues depending on whether your server is mono and client is windows, or server is windows and client is mono, or win-win, or mono-mono. So be specific about precisely what platform your clients & servers are running. There are additionally some compatibility problems, with mono servers serving SSL cert chains for real valid certs. I think it works if the server cert is signed directly by the CA root - which never happens unless you are the CA. I had to hack the mono server in order to make it work with a single intermediate, but then it works *only* with a single intermediate (doesn't work if directly signed by root, or if signed by 2 intermediates). All of the issues I'm talking about are even more basic than what you're asking. I'm talking about simply establishing a standard, common, TLS channel. Your question involving client authentication with certs is even more advanced, even more likely to be broken. I say ask on the mono-dev list, not only because you're most likely to get your answers there - You might also get suggestions such as "use eidos secure blackbox as an alternative." Good luck. _______________________________________________ Mono-list maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-list
