C#. Ssl certifivate. System.NotSupportedException
up vote
0
down vote
favorite
I am creating client-server app.
Server Code:
public sealed class SslTcpServer {
static X509Certificate serverCertificate = null;
public static void RunServer(string certificate) {
serverCertificate = new X509Certificate2(certificate, "123", X509KeyStorageFlags.MachineKeySet);
TcpListener listener = new TcpListener(IPAddress.Parse("127.0.0.1"), 56748);
listener.Start();
while (true) {
Console.WriteLine("Waiting for a client to connect...");
TcpClient client = listener.AcceptTcpClient();
ProcessClient(client);
}
}
static void ProcessClient(TcpClient client) {
SslStream sslStream = new SslStream(client.GetStream());
try {
sslStream.AuthenticateAsServer(serverCertificate,
clientCertificateRequired: false,
checkCertificateRevocation: true);
sslStream.ReadTimeout = 5000;
sslStream.WriteTimeout = 5000;
Console.WriteLine("Waiting for client message...");
string messageData = ReadMessage(sslStream);
Console.WriteLine("Received: {0}", messageData);
byte message = Encoding.UTF8.GetBytes("Hello from the server.<EOF>");
Console.WriteLine("Sending hello message.");
sslStream.Write(message);
} catch (AuthenticationException e) {
Console.WriteLine("Exception: {0}", e.Message);
if (e.InnerException != null) {
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine("Authentication failed - closing the connection.");
sslStream.Close();
client.Close();
return;
} finally {
sslStream.Close();
client.Close();
}
}
static string ReadMessage(SslStream sslStream) {
byte buffer = new byte[2048];
StringBuilder messageData = new StringBuilder();
int bytes = -1;
do {
bytes = sslStream.Read(buffer, 0, buffer.Length);
Decoder decoder = Encoding.UTF8.GetDecoder();
char chars = new char[decoder.GetCharCount(buffer, 0, bytes)];
decoder.GetChars(buffer, 0, bytes, chars, 0);
messageData.Append(chars);
if (messageData.ToString().IndexOf("<EOF>") != -1)
break;
} while (bytes != 0);
return messageData.ToString();
}
public static int Main(string args) {
string certificate = "server.crt";
RunServer(certificate);
return 0;
}
}
Client Code:
public class SslTcpClient {
private static Hashtable certificateErrors = new Hashtable();
public static bool ValidateServerCertificate(
object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors) {
if (sslPolicyErrors == SslPolicyErrors.None)
return true;
Console.WriteLine("Certificate error: {0}", sslPolicyErrors);
return false;
}
public static void RunClient(string machineName, string serverName) {
TcpClient client = new TcpClient("127.0.0.1", 56748);
Console.WriteLine("Client connected.");
SslStream sslStream = new SslStream(
client.GetStream(),
false,
new RemoteCertificateValidationCallback(ValidateServerCertificate),
null
);
try {
sslStream.AuthenticateAsClient("127.0.0.1");
} catch (AuthenticationException e) {
Console.WriteLine("Exception: {0}", e.Message);
Console.WriteLine(e.StackTrace);
if (e.InnerException != null) {
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine("Authentication failed - closing the connection.");
client.Close();
return;
}
byte messsage = Encoding.UTF8.GetBytes("Hello from the client.<EOF>");
sslStream.Write(messsage);
sslStream.Flush();
string serverMessage = ReadMessage(sslStream);
Console.WriteLine("Server says: {0}", serverMessage);
client.Close();
Console.WriteLine("Client closed.");
}
static string ReadMessage(SslStream sslStream) {
byte buffer = new byte[2048];
StringBuilder messageData = new StringBuilder();
int bytes = -1;
do {
bytes = sslStream.Read(buffer, 0, buffer.Length);
Decoder decoder = Encoding.UTF8.GetDecoder();
char chars = new char[decoder.GetCharCount(buffer, 0, bytes)];
decoder.GetChars(buffer, 0, bytes, chars, 0);
messageData.Append(chars);
if (messageData.ToString().IndexOf("<EOF>") != -1) {
break;
}
} while (bytes != 0);
return messageData.ToString();
}
public static int Main(string args) {
string serverCertificateName = "127.0.0.1";
string machineName = "127.0.0.1";
SslTcpClient.RunClient(machineName, serverCertificateName);
return 0;
}
}
I had already created SSL certificate "server.crt", but I cannot connect user to server.
I have an Unhandled Exception:
System.NotSupportedException: The server mode SSL must use a certificate with the associated private key.
c# ssl openssl tcpclient tcpserver
edited Nov 19 at 8:40
WhatsThePoint
2,11342034
asked Nov 19 at 8:10
Дмитрий
1113
add a comment |
up vote
0
down vote
favorite
I am creating client-server app.
Server Code:
public sealed class SslTcpServer {
static X509Certificate serverCertificate = null;
public static void RunServer(string certificate) {
serverCertificate = new X509Certificate2(certificate, "123", X509KeyStorageFlags.MachineKeySet);
TcpListener listener = new TcpListener(IPAddress.Parse("127.0.0.1"), 56748);
listener.Start();
while (true) {
Console.WriteLine("Waiting for a client to connect...");
TcpClient client = listener.AcceptTcpClient();
ProcessClient(client);
}
}
static void ProcessClient(TcpClient client) {
SslStream sslStream = new SslStream(client.GetStream());
try {
sslStream.AuthenticateAsServer(serverCertificate,
clientCertificateRequired: false,
checkCertificateRevocation: true);
sslStream.ReadTimeout = 5000;
sslStream.WriteTimeout = 5000;
Console.WriteLine("Waiting for client message...");
string messageData = ReadMessage(sslStream);
Console.WriteLine("Received: {0}", messageData);
byte message = Encoding.UTF8.GetBytes("Hello from the server.<EOF>");
Console.WriteLine("Sending hello message.");
sslStream.Write(message);
} catch (AuthenticationException e) {
Console.WriteLine("Exception: {0}", e.Message);
if (e.InnerException != null) {
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine("Authentication failed - closing the connection.");
sslStream.Close();
client.Close();
return;
} finally {
sslStream.Close();
client.Close();
}
}
static string ReadMessage(SslStream sslStream) {
byte buffer = new byte[2048];
StringBuilder messageData = new StringBuilder();
int bytes = -1;
do {
bytes = sslStream.Read(buffer, 0, buffer.Length);
Decoder decoder = Encoding.UTF8.GetDecoder();
char chars = new char[decoder.GetCharCount(buffer, 0, bytes)];
decoder.GetChars(buffer, 0, bytes, chars, 0);
messageData.Append(chars);
if (messageData.ToString().IndexOf("<EOF>") != -1)
break;
} while (bytes != 0);
return messageData.ToString();
}
public static int Main(string args) {
string certificate = "server.crt";
RunServer(certificate);
return 0;
}
}
Client Code:
public class SslTcpClient {
private static Hashtable certificateErrors = new Hashtable();
public static bool ValidateServerCertificate(
object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors) {
if (sslPolicyErrors == SslPolicyErrors.None)
return true;
Console.WriteLine("Certificate error: {0}", sslPolicyErrors);
return false;
}
public static void RunClient(string machineName, string serverName) {
TcpClient client = new TcpClient("127.0.0.1", 56748);
Console.WriteLine("Client connected.");
SslStream sslStream = new SslStream(
client.GetStream(),
false,
new RemoteCertificateValidationCallback(ValidateServerCertificate),
null
);
try {
sslStream.AuthenticateAsClient("127.0.0.1");
} catch (AuthenticationException e) {
Console.WriteLine("Exception: {0}", e.Message);
Console.WriteLine(e.StackTrace);
if (e.InnerException != null) {
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine("Authentication failed - closing the connection.");
client.Close();
return;
}
byte messsage = Encoding.UTF8.GetBytes("Hello from the client.<EOF>");
sslStream.Write(messsage);
sslStream.Flush();
string serverMessage = ReadMessage(sslStream);
Console.WriteLine("Server says: {0}", serverMessage);
client.Close();
Console.WriteLine("Client closed.");
}
static string ReadMessage(SslStream sslStream) {
byte buffer = new byte[2048];
StringBuilder messageData = new StringBuilder();
int bytes = -1;
do {
bytes = sslStream.Read(buffer, 0, buffer.Length);
Decoder decoder = Encoding.UTF8.GetDecoder();
char chars = new char[decoder.GetCharCount(buffer, 0, bytes)];
decoder.GetChars(buffer, 0, bytes, chars, 0);
messageData.Append(chars);
if (messageData.ToString().IndexOf("<EOF>") != -1) {
break;
}
} while (bytes != 0);
return messageData.ToString();
}
public static int Main(string args) {
string serverCertificateName = "127.0.0.1";
string machineName = "127.0.0.1";
SslTcpClient.RunClient(machineName, serverCertificateName);
return 0;
}
}
I had already created SSL certificate "server.crt", but I cannot connect user to server.
I have an Unhandled Exception:
System.NotSupportedException: The server mode SSL must use a certificate with the associated private key.
c# ssl openssl tcpclient tcpserver
edited Nov 19 at 8:40
WhatsThePoint
2,11342034
asked Nov 19 at 8:10
Дмитрий
1113
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I am creating client-server app.
Server Code:
public sealed class SslTcpServer {
static X509Certificate serverCertificate = null;
public static void RunServer(string certificate) {
serverCertificate = new X509Certificate2(certificate, "123", X509KeyStorageFlags.MachineKeySet);
TcpListener listener = new TcpListener(IPAddress.Parse("127.0.0.1"), 56748);
listener.Start();
while (true) {
Console.WriteLine("Waiting for a client to connect...");
TcpClient client = listener.AcceptTcpClient();
ProcessClient(client);
}
}
static void ProcessClient(TcpClient client) {
SslStream sslStream = new SslStream(client.GetStream());
try {
sslStream.AuthenticateAsServer(serverCertificate,
clientCertificateRequired: false,
checkCertificateRevocation: true);
sslStream.ReadTimeout = 5000;
sslStream.WriteTimeout = 5000;
Console.WriteLine("Waiting for client message...");
string messageData = ReadMessage(sslStream);
Console.WriteLine("Received: {0}", messageData);
byte message = Encoding.UTF8.GetBytes("Hello from the server.<EOF>");
Console.WriteLine("Sending hello message.");
sslStream.Write(message);
} catch (AuthenticationException e) {
Console.WriteLine("Exception: {0}", e.Message);
if (e.InnerException != null) {
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine("Authentication failed - closing the connection.");
sslStream.Close();
client.Close();
return;
} finally {
sslStream.Close();
client.Close();
}
}
static string ReadMessage(SslStream sslStream) {
byte buffer = new byte[2048];
StringBuilder messageData = new StringBuilder();
int bytes = -1;
do {
bytes = sslStream.Read(buffer, 0, buffer.Length);
Decoder decoder = Encoding.UTF8.GetDecoder();
char chars = new char[decoder.GetCharCount(buffer, 0, bytes)];
decoder.GetChars(buffer, 0, bytes, chars, 0);
messageData.Append(chars);
if (messageData.ToString().IndexOf("<EOF>") != -1)
break;
} while (bytes != 0);
return messageData.ToString();
}
public static int Main(string args) {
string certificate = "server.crt";
RunServer(certificate);
return 0;
}
}
Client Code:
public class SslTcpClient {
private static Hashtable certificateErrors = new Hashtable();
public static bool ValidateServerCertificate(
object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors) {
if (sslPolicyErrors == SslPolicyErrors.None)
return true;
Console.WriteLine("Certificate error: {0}", sslPolicyErrors);
return false;
}
public static void RunClient(string machineName, string serverName) {
TcpClient client = new TcpClient("127.0.0.1", 56748);
Console.WriteLine("Client connected.");
SslStream sslStream = new SslStream(
client.GetStream(),
false,
new RemoteCertificateValidationCallback(ValidateServerCertificate),
null
);
try {
sslStream.AuthenticateAsClient("127.0.0.1");
} catch (AuthenticationException e) {
Console.WriteLine("Exception: {0}", e.Message);
Console.WriteLine(e.StackTrace);
if (e.InnerException != null) {
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine("Authentication failed - closing the connection.");
client.Close();
return;
}
byte messsage = Encoding.UTF8.GetBytes("Hello from the client.<EOF>");
sslStream.Write(messsage);
sslStream.Flush();
string serverMessage = ReadMessage(sslStream);
Console.WriteLine("Server says: {0}", serverMessage);
client.Close();
Console.WriteLine("Client closed.");
}
static string ReadMessage(SslStream sslStream) {
byte buffer = new byte[2048];
StringBuilder messageData = new StringBuilder();
int bytes = -1;
do {
bytes = sslStream.Read(buffer, 0, buffer.Length);
Decoder decoder = Encoding.UTF8.GetDecoder();
char chars = new char[decoder.GetCharCount(buffer, 0, bytes)];
decoder.GetChars(buffer, 0, bytes, chars, 0);
messageData.Append(chars);
if (messageData.ToString().IndexOf("<EOF>") != -1) {
break;
}
} while (bytes != 0);
return messageData.ToString();
}
public static int Main(string args) {
string serverCertificateName = "127.0.0.1";
string machineName = "127.0.0.1";
SslTcpClient.RunClient(machineName, serverCertificateName);
return 0;
}
}
I had already created SSL certificate "server.crt", but I cannot connect user to server.
I have an Unhandled Exception:
System.NotSupportedException: The server mode SSL must use a certificate with the associated private key.
c# ssl openssl tcpclient tcpserver
edited Nov 19 at 8:40
WhatsThePoint
2,11342034
asked Nov 19 at 8:10
Дмитрий
1113
I am creating client-server app.
Server Code:
public sealed class SslTcpServer {
static X509Certificate serverCertificate = null;
public static void RunServer(string certificate) {
serverCertificate = new X509Certificate2(certificate, "123", X509KeyStorageFlags.MachineKeySet);
TcpListener listener = new TcpListener(IPAddress.Parse("127.0.0.1"), 56748);
listener.Start();
while (true) {
Console.WriteLine("Waiting for a client to connect...");
TcpClient client = listener.AcceptTcpClient();
ProcessClient(client);
}
}
static void ProcessClient(TcpClient client) {
SslStream sslStream = new SslStream(client.GetStream());
try {
sslStream.AuthenticateAsServer(serverCertificate,
clientCertificateRequired: false,
checkCertificateRevocation: true);
sslStream.ReadTimeout = 5000;
sslStream.WriteTimeout = 5000;
Console.WriteLine("Waiting for client message...");
string messageData = ReadMessage(sslStream);
Console.WriteLine("Received: {0}", messageData);
byte message = Encoding.UTF8.GetBytes("Hello from the server.<EOF>");
Console.WriteLine("Sending hello message.");
sslStream.Write(message);
} catch (AuthenticationException e) {
Console.WriteLine("Exception: {0}", e.Message);
if (e.InnerException != null) {
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine("Authentication failed - closing the connection.");
sslStream.Close();
client.Close();
return;
} finally {
sslStream.Close();
client.Close();
}
}
static string ReadMessage(SslStream sslStream) {
byte buffer = new byte[2048];
StringBuilder messageData = new StringBuilder();
int bytes = -1;
do {
bytes = sslStream.Read(buffer, 0, buffer.Length);
Decoder decoder = Encoding.UTF8.GetDecoder();
char chars = new char[decoder.GetCharCount(buffer, 0, bytes)];
decoder.GetChars(buffer, 0, bytes, chars, 0);
messageData.Append(chars);
if (messageData.ToString().IndexOf("<EOF>") != -1)
break;
} while (bytes != 0);
return messageData.ToString();
}
public static int Main(string args) {
string certificate = "server.crt";
RunServer(certificate);
return 0;
}
}
Client Code:
public class SslTcpClient {
private static Hashtable certificateErrors = new Hashtable();
public static bool ValidateServerCertificate(
object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors) {
if (sslPolicyErrors == SslPolicyErrors.None)
return true;
Console.WriteLine("Certificate error: {0}", sslPolicyErrors);
return false;
}
public static void RunClient(string machineName, string serverName) {
TcpClient client = new TcpClient("127.0.0.1", 56748);
Console.WriteLine("Client connected.");
SslStream sslStream = new SslStream(
client.GetStream(),
false,
new RemoteCertificateValidationCallback(ValidateServerCertificate),
null
);
try {
sslStream.AuthenticateAsClient("127.0.0.1");
} catch (AuthenticationException e) {
Console.WriteLine("Exception: {0}", e.Message);
Console.WriteLine(e.StackTrace);
if (e.InnerException != null) {
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine("Authentication failed - closing the connection.");
client.Close();
return;
}
byte messsage = Encoding.UTF8.GetBytes("Hello from the client.<EOF>");
sslStream.Write(messsage);
sslStream.Flush();
string serverMessage = ReadMessage(sslStream);
Console.WriteLine("Server says: {0}", serverMessage);
client.Close();
Console.WriteLine("Client closed.");
}
static string ReadMessage(SslStream sslStream) {
byte buffer = new byte[2048];
StringBuilder messageData = new StringBuilder();
int bytes = -1;
do {
bytes = sslStream.Read(buffer, 0, buffer.Length);
Decoder decoder = Encoding.UTF8.GetDecoder();
char chars = new char[decoder.GetCharCount(buffer, 0, bytes)];
decoder.GetChars(buffer, 0, bytes, chars, 0);
messageData.Append(chars);
if (messageData.ToString().IndexOf("<EOF>") != -1) {
break;
}
} while (bytes != 0);
return messageData.ToString();
}
public static int Main(string args) {
string serverCertificateName = "127.0.0.1";
string machineName = "127.0.0.1";
SslTcpClient.RunClient(machineName, serverCertificateName);
return 0;
}
}
I had already created SSL certificate "server.crt", but I cannot connect user to server.
I have an Unhandled Exception:
System.NotSupportedException: The server mode SSL must use a certificate with the associated private key.
c# ssl openssl tcpclient tcpserver
c# ssl openssl tcpclient tcpserver
edited Nov 19 at 8:40
WhatsThePoint
2,11342034
asked Nov 19 at 8:10
Дмитрий
1113
edited Nov 19 at 8:40
WhatsThePoint
2,11342034
asked Nov 19 at 8:10
Дмитрий
1113
edited Nov 19 at 8:40
WhatsThePoint
2,11342034
edited Nov 19 at 8:40
WhatsThePoint
2,11342034
edited Nov 19 at 8:40
WhatsThePoint
2,11342034
2,11342034
asked Nov 19 at 8:10
Дмитрий
1113
asked Nov 19 at 8:10
Дмитрий
1113
asked Nov 19 at 8:10
Дмитрий
1113
1113
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
0
down vote
The exception is telling you that you need the private key also of the server certificate as the SSL server needs to have it to decrypt the session key generated by the client. Now, having said that, the certificate you are passing to the RunServer method is Server.crt which is a public cert only (i.e. it does not have associated private key). If you have generated this certificate by yourself you should also generate a server.p12 or server.pfx file (which has private key also in it) and then create a X509Certificate out of it. Something like this ..
var certificate = new X509Certificate("server.pfx", "password_of_the_private_key");
answered Nov 19 at 8:58
user3164323
626
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
The exception is telling you that you need the private key also of the server certificate as the SSL server needs to have it to decrypt the session key generated by the client. Now, having said that, the certificate you are passing to the RunServer method is Server.crt which is a public cert only (i.e. it does not have associated private key). If you have generated this certificate by yourself you should also generate a server.p12 or server.pfx file (which has private key also in it) and then create a X509Certificate out of it. Something like this ..
var certificate = new X509Certificate("server.pfx", "password_of_the_private_key");
answered Nov 19 at 8:58
user3164323
626
add a comment |
up vote
0
down vote
The exception is telling you that you need the private key also of the server certificate as the SSL server needs to have it to decrypt the session key generated by the client. Now, having said that, the certificate you are passing to the RunServer method is Server.crt which is a public cert only (i.e. it does not have associated private key). If you have generated this certificate by yourself you should also generate a server.p12 or server.pfx file (which has private key also in it) and then create a X509Certificate out of it. Something like this ..
var certificate = new X509Certificate("server.pfx", "password_of_the_private_key");
answered Nov 19 at 8:58
user3164323
626
add a comment |
up vote
0
down vote
up vote
0
down vote
The exception is telling you that you need the private key also of the server certificate as the SSL server needs to have it to decrypt the session key generated by the client. Now, having said that, the certificate you are passing to the RunServer method is Server.crt which is a public cert only (i.e. it does not have associated private key). If you have generated this certificate by yourself you should also generate a server.p12 or server.pfx file (which has private key also in it) and then create a X509Certificate out of it. Something like this ..
var certificate = new X509Certificate("server.pfx", "password_of_the_private_key");
answered Nov 19 at 8:58
user3164323
626
The exception is telling you that you need the private key also of the server certificate as the SSL server needs to have it to decrypt the session key generated by the client. Now, having said that, the certificate you are passing to the RunServer method is Server.crt which is a public cert only (i.e. it does not have associated private key). If you have generated this certificate by yourself you should also generate a server.p12 or server.pfx file (which has private key also in it) and then create a X509Certificate out of it. Something like this ..
var certificate = new X509Certificate("server.pfx", "password_of_the_private_key");
answered Nov 19 at 8:58
user3164323
626
answered Nov 19 at 8:58
user3164323
626
answered Nov 19 at 8:58
user3164323
626
answered Nov 19 at 8:58
user3164323
626
626
add a comment |
add a comment |
draft saved
draft discarded
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53370592%2fc-ssl-certifivate-system-notsupportedexception%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
