Hello,
Is there anybody experienced with the sslStream.AuthenticateAsClient() method using a client certificate? I am trying to authenticate a client with this certificate.
In fact, I can connect to the server (clientSocket.Connect(serverEndPoint)), but I can also connect when I use the wrong certificates (rootCA and/or client), which I think is not consistent behavior.
So does the method work, or am I wrong?
Thanks for your help
Lionel
Code sample:
// Namespaces used: System.Net, System.Net.Sockets, System.Text,
// System.Security.Cryptography.X509Certificates, Microsoft.SPOT,
// Microsoft.SPOT.Net.Security
using (Socket clientSocket = new Socket(AddressFamily.InterNetwork,
                                        SocketType.Stream,
                                        ProtocolType.Tcp))
{
    // Addressing
    IPAddress ipAddress = IPAddress.Parse(dottedServerIPAddress);
    IPEndPoint serverEndPoint = new IPEndPoint(ipAddress, port);

    // Connecting
    Debug.Print("Connecting to server " + serverEndPoint);
    clientSocket.Connect(serverEndPoint);
    Debug.Print("Connected to server");

    using (SslStream sslStream = new SslStream(clientSocket))
    {
        // Root CA certificate passed as the CA list
        X509Certificate rootCA = new X509Certificate(
            Encoding.UTF8.GetBytes(@"-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----"));

        // Client certificate presented to the server
        X509Certificate clientCert = new X509Certificate(
            Encoding.UTF8.GetBytes(@"-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----"));

        // TLS handshake with the client certificate and the CA list
        sslStream.AuthenticateAsClient(
            "server.com",
            clientCert,
            new X509Certificate[] { rootCA },
            SslVerification.CertificateRequired,
            SslProtocols.Default
        );
    }
}