HttpListener exception with SSL

TinyCLR OS
1

Hi,

A mini HTTP server runs on FezDuino with success.
However I would like to secure it with TLS because most browsers refuse today to connect to insecured sources.

I implement the following code with TLS certificate and key placed inside the projects ServerResources :

_webServer = new HttpListener("https")
{
    HttpsCert = new X509Certificate(ServerResources.GetBytes(ServerResources.BinaryResources.servercert))
    {
        PrivateKey = ServerResources.GetBytes(ServerResources.BinaryResources.serverkey)
    }
};

When a client tries to connect to my HTTPS server this exception occurs :

#### Exception System.InvalidOperationException - CLR_E_INVALID_OPERATION (8) ####
#### Message: 
#### GHIElectronics.TinyCLR.Devices.Network.Provider.NetworkControllerApiWrapper::AuthenticateAsServer [IP: 0000] ####
#### System.Net.Security.SslStream::AuthenticateAsServer [IP: 0011] ####
#### System.Net.HttpListener::AcceptThreadFunc [IP: 0096] ####

I’m looking for in “HttpListener” class the method “AcceptThreadFunc” and I see SSL Protocol is None. Is it the evidence of my exception ? What do you think ?

networkStream = new SslStream(socket);
((SslStream)networkStream).AuthenticateAsServer(m_httpsCert, SslProtocols.None);
2

How did you have the certificate? Is this certificate for testing?

and try with System.Security.Authentication.SslProtocols.Tls12, instead of None

sslStream.AuthenticateAsServer(your_serverCertificate, System.Security.Authentication.SslProtocols.Tls12)
3

Hi Dat,

I created the certificate like as mentionned on the GHI tutorial page via OpenSSL :
https://docs.ghielectronics.com/software/tinyclr/tutorials/tls-server.html

And I cannot modify sslStream because I use the HttpListener object in GHIElectronics.TinyCLR.Networking.Http. This sslStream is created and set up in “AcceptThreadFunc” method…

4

Could you add to github issue and we will look into asap?

5

It has been fixed