Geek Answers Handbook

WCF Mono - BasicHttpBinding with SSL

I am trying to connect an existing WCF client application to work on Linux under Mono. Now I am testing everything, finding out what works on Mono and what does not.

The client makes a super simple call to basicHttpBinding. It works fine until I turn on SSL (i.e. specify BasicHttpSecurityMode.Transport in the binding).

  • Works on .NET on Windows, it works great
  • Running on Mono on Ubuntu 9.10 / Mono 2.6 I get the following error:

Exception in async operation: System.Net.WebException: error while receiving response stream (record: authentication or decryption failed.): SendFailure ---> System.IO.IOException: Authentication or decryption failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server. Error Code: 0xffffffff800b010a

I read the FAQ on the frequency of protection against single user ; however, the SSL certificate on the server belongs to the root CA (acquired certificate) issued by the Equifax Secure Certificate Authority. I ran the TlsTest tool in installing Ubuntu against the .svc URL and there are no problems and errors. I can also use the service in Firefox (no security warnings).

What am I missing?

+7
mono wcf
source share
2 answers

Mono's TlsTest file is really good at checking this out, so it seems a bit silly to even ask - but: Can you use WebClient to query the .svc file and get an answer? If not, for some reason, you probably still have problems with the certificate.

I also suggest that you used mozroots or certmgr to test the root CA? How about explicitly adding a certificate to your site in the repository through certmgr?

Another reminder: certmgr usually works with a copy of certificates for the current user, you need to specify the --machine argument --machine that all users receive the certificate.

+2
source

I found a trick to fix the error:

 using System.Security.Cryptography.X509Certificates; public class HttpWebRequestClientCertificateTest : ICertificatePolicy { public bool CheckValidationResult (ServicePoint sp, X509Certificate certificate, WebRequest request, int error) { return true; } } ..... ServicePointManager.CertificatePolicy = new HttpWebRequestClientCertificateTest (); HttpWebRequest request = ...

Perhaps it will work for others who have this bug in Mono 2.6.

0
source

More articles:


All Articles