Does the current SSL implementation work with wildcard certificates? So I did this on the server.
    server.NetworkServer.UseTLS = true; // Enable traffic encryption
    server.NetworkServer.CertificateThumbprint = "87954321F61F268F72D6A9D8864C3EAB7654321E";
and changed the client connection Url to https:// instead of http://. I received this error:
Error: System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at RemObjects.InternetPack.SslConnection.InitializeClientConnection()
at RemObjects.InternetPack.Client.GetConnection(IPAddress host, Int32 port)
at RemObjects.InternetPack.Http.HttpClient.GetConnection(IPAddress host, Int32 port)
at RemObjects.InternetPack.Http.HttpClient.GetHttpConnection(Boolean enableSSL, String targetHost, Int32 targetPort, String connectionHost, Int32 connectionPort)
at RemObjects.InternetPack.Http.HttpClient.TryDispatch(HttpClientRequest request)
at RemObjects.SDK.IpHttpClientChannel.IntDispatch(Stream request, IMessage response) in c:\ci\b\rofx\932\RemObjects SDK for .NET\Source\RemObjects.SDK\ClientChannels\IpHttpClientChannel.cs:line 367
at RemObjects.SDK.ClientChannel.Dispatch(IMessage message) in c:\ci\b\rofx\932\RemObjects SDK for .NET\Source\RemObjects.SDK\ClientChannels\ClientChannel.cs:line 332
at Chronicle.DataAccess.Remote2.VersionService_Proxy.GetVersionInfo() in C:\Users\Todd\documents\visual studio 2015\Projects\LatestClientTest\LatestClientTest\Chronicle_DataAccess_Remote2_Intf.cs:line 13435
at LatestClientTest.MainForm.btnVersion_Click(Object sender, EventArgs e) in C:\Users\Todd\documents\visual studio 2015\Projects\LatestClientTest\LatestClientTest\MainForm.cs:line 127
I then referred to this article. And added this to the client:

    #region Constructors
    public DataModule()
    {
        this.InitializeComponent();
        this.message.ClientID = Guid.NewGuid();
        this.IsLoggedOn = false;
        CheckCert();
    }

    private void CheckCert()
    {
        string hash = string.Empty;
        this.clientChannel.SslOptions.ValidateRemoteCertificate += (sender, e) =>
        {
            e.Cancel = false;
            hash = e.Certificate.GetCertHashString();
            //e.Cancel = e.Cancel || e.Certificate.GetCertHashString() != "14A419D5339390B49045963D1BE81B39D03E5944";
        };
        MessageBox.Show(hash);
    }

and because I override the validation cancel it works. Shouldn’t this just work? Am I missing something? Please advise.
P.S. e.Certificate.GetCertHashString() returns nothing.
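
The commented-out line in the handler above keeps the default validation verdict and adds a thumbprint check on top of it, whereas a handler that only sets `e.Cancel = false` accepts whatever certificate the server presents. The following is that stricter policy as a stand-alone function in plain .NET, added here as an example; it is not part of the original post and not RemObjects SDK code. `PinnedValidation`, `Validate`, the `*.example.test` certificate and the sample pin are constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class PinnedValidation   // hypothetical name, not a RemObjects type
{
    // Keep only hex digits so thumbprints pasted with spaces, colons or
    // invisible characters still compare equal.
    static string Normalize(string thumbprint) =>
        new string((thumbprint ?? "").Where(Uri.IsHexDigit).ToArray()).ToUpperInvariant();

    // Same leading parameters as System.Net.Security.RemoteCertificateValidationCallback.
    // The platform verdict (chain trust, host name match) is kept; the pin is an
    // extra condition on top of it, never a replacement for it.
    public static bool Validate(object sender, X509Certificate certificate,
                                X509Chain chain, SslPolicyErrors errors,
                                string pinnedThumbprint)
    {
        if (certificate == null || errors != SslPolicyErrors.None)
            return false;
        string presented = Normalize(certificate.GetCertHashString());
        return presented.Length > 0 && presented == Normalize(pinnedThumbprint);
    }

    static void Main()
    {
        // Constructed sample: a throwaway self-signed wildcard certificate.
        using (RSA key = RSA.Create(2048))
        {
            var request = new CertificateRequest("CN=*.example.test", key,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            using (X509Certificate2 cert = request.CreateSelfSigned(
                DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(30)))
            {
                string pin = cert.Thumbprint;
                // Case 1: platform validation passed and the pin matches.
                Console.WriteLine(Validate(null, cert, null, SslPolicyErrors.None, pin));
                // Case 2: the pin matches but the host name did not.
                Console.WriteLine(Validate(null, cert, null,
                    SslPolicyErrors.RemoteCertificateNameMismatch, pin));
                // Case 3: platform validation passed but another certificate is pinned.
                Console.WriteLine(Validate(null, cert, null, SslPolicyErrors.None,
                    "00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF 00 11 22 33"));
            }
        }
    }
}
```

`CertificateRequest` needs .NET Framework 4.7.2 or later (or .NET Core 2.0 and later); on older runtimes, load a test certificate from a file instead.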