Exception in ssl certificate code

Posted 2019-05-03 11:24

I made a client-server socket connection with SslStream, but there is an exception on the server when the code reaches the line AuthenticateAsServer. I searched the internet but I couldn't find a good answer for why it happens. I made the .pfx testfile in my project and made a simple password for it. I don't know whether the problem is from the file or not.

the exception is in line: sslStream.AuthenticateAsServer(certificate);

basic exception is: a call to sspi failed

inner exception is: The client and server cannot communicate, because they do not possess a common algorithm

server is a little long and I add the part of code that exception happens and all of client code:

this is server:

 public void AcceptCallBack(IAsyncResult ar)
        {
                myClient c = new myClient();

                TcpListener handle = (TcpListener)ar.AsyncState;
                byte[] buff = new byte[2048];
                TcpClient hand = handle.EndAcceptTcpClient(ar);
                dowork.Set();
                c.tcp = hand;
                clients.Add(c);

                // No using block here: the stream has to stay open while the asynchronous
                // write and read below are pending. Keep a reference to it for the callbacks
                // and dispose it when the client disconnects.
                SslStream sslStream = new SslStream(hand.GetStream());
                sslStream.AuthenticateAsServer(certificate);
                // ... Send and read data over the stream
                sslStream.BeginWrite(buff, 0, buff.Length, new AsyncCallback(sendCallBack), c);
                count++;
                sslStream.BeginRead(c.buffer, 0, c.buffer.Length, new AsyncCallback(receiveIDCallBack), c);
        }//end of acceptcallback function

this is client:

using UnityEngine;
using System.Collections;
using System;
using System.Net;
using System.Net.Sockets;
using System.Text;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
public class sslCode : MonoBehaviour {

    private byte[] _recieveBuffer = new byte[8142];

    static string server = "127.0.0.1";
    TcpClient client;
    // One SslStream for the whole connection: it is authenticated once and has to
    // stay open while asynchronous reads and writes are pending.
    SslStream sslStream;

    public string message;
    public string receive;
    public string send;

    private void SetupServer()
    {
        try
        {
            client = new TcpClient(server, 1500);
            message = "connected";
        }
        catch (SocketException ex)
        {
            Debug.Log(ex.Message);
            message = ex.Message;
            return; // no connection, so there is nothing to authenticate
        }

        // Create a secure stream
        sslStream = new SslStream(client.GetStream(), false,
            new RemoteCertificateValidationCallback(ValidateServerCertificate), null);
        sslStream.AuthenticateAsClient(server);

        // ... Send and read data over the stream
        sslStream.BeginRead(_recieveBuffer, 0, _recieveBuffer.Length, new AsyncCallback(ReceiveCallback), null);
    }// end of setup server

    private bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        // Accept the server certificate only if chain building and name matching succeeded.
        return sslPolicyErrors == SslPolicyErrors.None;
    }

    private void ReceiveCallback(IAsyncResult AR)
    {
        // Check how many bytes were received and call EndRead to complete the read
        int recieved = sslStream.EndRead(AR);

        if (recieved <= 0)
            return;

        // Copy the received data into a new buffer, to avoid null bytes
        byte[] recData = new byte[recieved];
        Buffer.BlockCopy(_recieveBuffer, 0, recData, 0, recieved);

        // Process data here the way you want, all your bytes will be stored in recData
        receive = Encoding.ASCII.GetString(recData);

        // Start receiving again
        sslStream.BeginRead(_recieveBuffer, 0, _recieveBuffer.Length, new AsyncCallback(ReceiveCallback), null);
    }// end of receiveCallBack

    private void SendData(string dd)
    {
        // A read is already pending from SetupServer/ReceiveCallback, so only write here.
        byte[] data = Encoding.ASCII.GetBytes(dd);
        sslStream.BeginWrite(data, 0, data.Length, new AsyncCallback(sendcallback), null);
        send = dd;
    }// end of send data

    private void sendcallback(IAsyncResult ar)
    {
        // Complete the asynchronous write
        sslStream.EndWrite(ar);
    }
}

can this be problem of certificate file generated in vs or options of windows?

I searched a little more on the internet and I think there is a probability of an algorithm mismatch between what I use for my certificate file and what Windows 8.1 can understand. I really don't know....

that algorithms that vs let me make for my certificate are "sha256RSA" and "sha1RSA" thanks for your help

2 answers
在下西门庆
Post #2 · 2019-05-03 11:42

Thank you my friends, I finally could find my problem.

The code needed a little edit but the main problem wasn't the code.

The problem was from the way certificate files work. I just had generated a pfx file and gave its address to the code below:

sslStream.AuthenticateAsServer(server);

But now I made the pfx format in Internet Options and imported it to the Personal section, after that exported it to the Trusted Root section, so the cer format of that pfx file will be generated that only contains the public key of that pfx file.

So right now the code runs very well.

老娘就宠你
Post #3 · 2019-05-03 11:56

i made the .pfx testfile in my project

That's a Big Red Flag. Without knowing anything about the tools you use, the best guess is that you created a signing certificate. It is not suitable for key exchange. A failure-mode covered by this blog post.

Without knowing anything about your OS, I'd have to guess that you use Linux. In which case this question ought to be helpful. If that's a wrong guess then help yourself by googling "create self signed ssl certificate", add the appropriate keywords to select your OS and/or tool chain.
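
An added example, not code from either poster: a pre-flight check on the .pfx before the AuthenticateAsServer call, covering the two causes named in the answers (no private key available to the server, a signing-only certificate). The class and method names, the legacy-CSP key check and the choice of TLS 1.2 are assumptions of this example.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net.Security;
using System.Security.Authentication;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class ServerCertCheck // hypothetical helper, not part of the posted server
{
    const string ServerAuthOid = "1.3.6.1.5.5.7.3.1"; // id-kp-serverAuth

    // Returns the reasons why this certificate is likely to fail in AuthenticateAsServer.
    public static List<string> Problems(X509Certificate2 cert)
    {
        var problems = new List<string>();
        if (!cert.HasPrivateKey) // a .cer file carries only the public key
            problems.Add("no private key attached");
        else if (cert.PrivateKey is RSACryptoServiceProvider)
        {   // Legacy CSP keys are marked as signature or exchange keys (Windows only).
            var rsa = (RSACryptoServiceProvider)cert.PrivateKey;
            if (rsa.CspKeyContainerInfo.KeyNumber == KeyNumber.Signature)
                problems.Add("private key is signature-only, not an exchange key");
        }
        // If the extensions are present they must permit use by a TLS server.
        var ku = cert.Extensions.OfType<X509KeyUsageExtension>().FirstOrDefault();
        var needed = X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.KeyEncipherment;
        if (ku != null && (ku.KeyUsages & needed) == 0)
            problems.Add("key usage is " + ku.KeyUsages);
        var eku = cert.Extensions.OfType<X509EnhancedKeyUsageExtension>().FirstOrDefault();
        if (eku != null && !eku.EnhancedKeyUsages.Cast<Oid>().Any(o => o.Value == ServerAuthOid))
            problems.Add("enhanced key usage lacks server authentication");
        if (DateTime.Now < cert.NotBefore || DateTime.Now > cert.NotAfter)
            problems.Add("outside validity period");
        return problems;
    }

    // Loads the .pfx, refuses to start the handshake with an unusable certificate,
    // and pins the protocol instead of relying on the platform default.
    public static void Authenticate(SslStream stream, string pfxPath, string password)
    {
        var cert = new X509Certificate2(pfxPath, password);
        var problems = Problems(cert);
        if (problems.Count > 0)
            throw new InvalidOperationException("Certificate unusable: " + string.Join("; ", problems));
        stream.AuthenticateAsServer(cert, false, SslProtocols.Tls12, false);
    }
}
```

The client must enable the same protocol version, and its validation callback will only report SslPolicyErrors.None if the certificate chains to a root the client trusts and its name matches the host passed to AuthenticateAsClient.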
