I have seen several older posts regarding SslStream. None of them seemed to have a conclusion. Since it has been awhile since the older posts I am looking for an update. I have created the socket and endpoint. Opened the connection and attempted authentication. I cannot get the authenticateasclient function to work. The authentication keeps failing. The server cert is the same name as the host. Any other ideas? Or does the gadget even support this?
Server side:
TcpClient client = listener.AcceptTcpClient();
SslStream sslStream = new SslStream(client.GetStream(), false, RemoteCertificateValidationCB);
sslStream.AuthenticateAsServer(ServerCertificate, false, SslProtocols.Default, true);
Client side:
Socket client = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
IPEndPoint remoteEndPoint = new IPEndPoint(IPAddress.Parse(âxx.xx.xx.xxâ), xxxx);
client.Connect(remoteEndPoint);
SslStream sslStream = new SslStream(client);
sslStream.AuthenticateAsClient(TCPserver, null, SslVerification.CertificateRequired, SslProtocols.Default);
The exception is not much help.
A first chance exception of type âSystem.NotSupportedExceptionâ occurred in Microsoft.SPOT.Net.Security.dll
A first chance exception of type âSystem.NotSupportedExceptionâ occurred in System.Net.Security.dll
Exception was thrown: System.NotSupportedException.
Exception System.NotSupportedException - CLR_E_NOT_SUPPORTED (1)
Message:
Microsoft.SPOT.Net.Security.SslNative::SecureClientInit [IP: 0000]
Microsoft.SPOT.Net.Security.SslStream::Authenticate [IP: 0051]
Microsoft.SPOT.Net.Security.SslStream::AuthenticateAsClient [IP: 000c]
Microsoft.SPOT.Net.Security.SslStream::AuthenticateAsClient [IP: 000a]
Iâm using the FEZ Spider. Iâm assuming that when you state:
Target -> Manage Device Key -> Update SSL Seed
I should be looking in the properties of the project. Iâm using VS2010 Express and donât see anything there referencing Target or Manage Device Key.
Looking at the description of the product it states:
Based on GHI Electronics EMX module Full TCP/IP Stack with SSL, HTTP, TCP, UDP, DHCPâŚso it must be supported.
âŚso I researched MFDeploy and see that it is a Microsoft program of itself. I will attempt to use MFDeploy tonight when I get back to the device. It looks like I need to select a certificate for the deployment. Iâm I selecting the server certificate? Iâm not using a client certificate.
Thanks for the quick reply too.
@ chad21mycoopers. You update the SSL Seed on your Spider using MFDeploy.
1 Like
After some research I realize it is not part of VS but another program. It looks like I need to select a certificate for deployment. Do I need to select the server certificate? Iâm not using a client certificate.
I see now. It is in the dropdown menu. I was looking at the main window where there is a flag to âUse SSLâ and set a certificate. I will give it a try tonight and provide an update. Thanks for the guidance.
Up and running guys. Thanks!
There is not a difference. I thought that I choose both of them as the answer? I checked the box for #3. Thanks again.
@ chad21mycoopers - You can only mark one post as the answer. Previously marked will be âunmarkedâ automatically.