TCP服务器上的SslStream无法使用RemoteCertificateNotAvailable验证客户端证书 [英] SslStream on TCP Server fails to validate client certificate with RemoteCertificateNotAvailable
问题描述
问题是关于解决 SslPolicyErrors.RemoteCertificateNotAvailable 。服务器无法验证客户端证书。
我已经开发了一个带有SSLStream的TCP服务器和一个TCP客户端。
我使用这里提到的相应方法验证服务器和客户端。< br>
sslStream.BeginAuthenticateAsServer和sslStream.BeginAuthenticateAsClient。
我从Trusted Publishers - Local Machine加载我的客户端证书。
两者都在同一台机器上运行。
< br>我尝试从.cer和.pfx文件而不是受信任的发布商商店加载客户端证书。但是,通过发现SslPolicyErrors具有"RemoteCertificateNotAvailable",服务器的客户端(远程)证书验证器回调失败。作为错误。
谢谢!
CDP
Hi,
The questions is all about solving SslPolicyErrors.RemoteCertificateNotAvailable. Server fails to verify the client certificate.
I have developed a TCP Server with SSLStream and a TCP Client for the same.
I authenticate server and client both using respective methods as mentioned here.
sslStream.BeginAuthenticateAsServer and sslStream.BeginAuthenticateAsClient.
I am loading my client certificate from Trusted Publishers - Local Machine.
Both are running on the same machine.
I tried loading the client certificate from .cer and .pfx file rather than trusted publishers store. But server's client(remote) certificate validator callback fails by finding that SslPolicyErrors has "RemoteCertificateNotAvailable" as the error.
Thanks!
CDP
推荐答案
嗨CDP,
有几件事情可能会出错 - 如果没有您的密码,请稍微确定,但请检查以下内容:
1.客户证书应来自个人存储 - 而不是受信任的发布者
2.您的服务器身份验证行是否类似于:
sslStream.AuthenticateAsServer(serverCertificate,true,SslProtocols.Default,false);
希望这有助于
标记
Hi CDP,
There are a couple of things that could be going wrong - a little hard without your code to be sure but check the following:
1. Client certificate should be coming from the personal store - not the Trusted Publishers
2. Does your server authentication line look something like:
sslStream.AuthenticateAsServer(serverCertificate, true, SslProtocols.Default, false);
Hope this helps
Mark
这篇关于TCP服务器上的SslStream无法使用RemoteCertificateNotAvailable验证客户端证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!