Main Site Documentation

Socket with sslStream and Client certificate



Is there anybody experienced with the sslStream.AuthenticateAsClient() method using a client certificate ? I try to authenticate a client with this certificate.

In fact I can connect to the server (clientSocket.Connect(serverEndPoint)) but when I use wrong certificates (rootCA and/or client) I can too. Which I think is not a consistent behavior.

So does the method work or am I wrong ?

Thanks for your help

Code sample :

using (Socket clientSocket = new Socket(AddressFamily.InterNetwork,
                // Addressing
                IPAddress ipAddress = IPAddress.Parse(dottedServerIPAddress);
                IPEndPoint serverEndPoint = new IPEndPoint(ipAddress, port);

                // Connecting
                Debug.Print("Connecting to server " + serverEndPoint);
                Debug.Print("Connected to server");

                using (SslStream sslStream = new SslStream(clientSocket))
                    X509Certificate rootCA = new X509Certificate(
                    Encoding.UTF8.GetBytes(@ "-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----"));

                    X509Certificate clientCert = new X509Certificate(
                   Encoding.UTF8.GetBytes(@ "-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----"));

                        clientCert ,
                        new X509Certificate[] { rootCA },


From the release notes for the latest GHI SDK:

[quote◦SSL works correctly. However, certification verification can fail.

Could this be related to the problem?


Yes, that’s correct.


Hello, thanks for your help.

We finally changed the technology to use.

But I would be interested to be informed about the evolution of this issue. Is there a research done about the reason of the problem ?



This should be fixed in new coming NETMF 4.2 in later this year


Ok, thanks for your answer.