SSL AuthenticateAsClient error

rnafisi · April 15, 2016, 11:23am

I have a project in which I am attempting to connect to a remote server on port 8883 via TLS 1.0 in order to perform communication using MQTT-S protocol.

About 1/3 of the time that I run the solution the board is able to successfully authenticate with the server and everything works great.

However, the other times, I am receiving a strange error that I have not been able to find much information about.

#### Exception System.Net.Sockets.SocketException - CLR_E_FAIL (12) ####
    #### Message: 
    #### Microsoft.SPOT.Net.Security.SslNative::SecureConnect [IP: 0000] ####
    #### Microsoft.SPOT.Net.Security.SslStream::Authenticate [IP: 0060] ####
    #### Microsoft.SPOT.Net.Security.SslStream::AuthenticateAsClient [IP: 000c] ####
    #### Microsoft.SPOT.Net.Security.SslStream::AuthenticateAsClient [IP: 000a] ####
    #### uPLibrary.Networking.M2Mqtt.MqttNetworkChannel::Connect [IP: 00d3] ####
    #### uPLibrary.Networking.M2Mqtt.MqttClient::Connect [IP: 0029] ####
    #### uPLibrary.Networking.M2Mqtt.MqttClient::Connect [IP: 0016] ####
    #### rIoT.M2X.M2XClient+<>c__DisplayClass3::<.ctor>b__0 [IP: 0029] ####
    #### SocketException ErrorCode = 5
    #### SocketException ErrorCode = 5
A first chance exception of type 'System.Net.Sockets.SocketException' occurred in Microsoft.SPOT.Net.Security.dll
    #### SocketException ErrorCode = 5
    #### SocketException ErrorCode = 5
    #### SocketException ErrorCode = 5
    #### SocketException ErrorCode = 5
A first chance exception of type 'System.Net.Sockets.SocketException' occurred in System.Net.Security.dll
    #### SocketException ErrorCode = 5
    #### SocketException ErrorCode = 5

The documentation for socket error 5 is:
RTSSL_X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE - “The certificate revocation list signature could not be decrypted.”

Which when searched about, little comes up.

This is my code to connect to the server:


                IPAddress hostIP = IPAddress.Parse(hostName);
                IPEndPoint ep = new IPEndPoint(hostIP, port);

                Socket socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
                socket.Connect(ep);

                SslStream sslStream = new SslStream(socket);
                sslStream.AuthenticateAsClient(hostIP.ToString(), null, SslVerification.CertificateRequired, SslProtocols.TLSv1);

Any idea why this may be happening? Thanks in advance.

Dat_Tran · April 15, 2016, 2:20pm

@ rnafisi -

Look like memory is leak so after working for awhile then no more memory to parse SSL certificate. Print out free memory for sure.

I am not familiar with MQTT but if you can and your project doesn’t need to change the host IP, try to connect server only once and keep the socket connection.