SSL and Wildcard Certificates?

Data Abstract
, , ,
1

Does the current SSL implementation work with wildcard certificates? So I did this on the server.

        server.NetworkServer.UseTLS = true;                                    // Enable traffic encryption
        server.NetworkServer.CertificateThumbprint = "87954321F61F268F72D6A9D8864C3EAB7654321E";

and changed the client connection Url to https:// instead of http://. I received this error:

Error: System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at RemObjects.InternetPack.SslConnection.InitializeClientConnection()
at RemObjects.InternetPack.Client.GetConnection(IPAddress host, Int32 port)
at RemObjects.InternetPack.Http.HttpClient.GetConnection(IPAddress host, Int32 port)
at RemObjects.InternetPack.Http.HttpClient.GetHttpConnection(Boolean enableSSL, String targetHost, Int32 targetPort, String connectionHost, Int32 connectionPort)
at RemObjects.InternetPack.Http.HttpClient.TryDispatch(HttpClientRequest request)
at RemObjects.SDK.IpHttpClientChannel.IntDispatch(Stream request, IMessage response) in c:\ci\b\rofx\932\RemObjects SDK for .NET\Source\RemObjects.SDK\ClientChannels\IpHttpClientChannel.cs:line 367
at RemObjects.SDK.ClientChannel.Dispatch(IMessage message) in c:\ci\b\rofx\932\RemObjects SDK for .NET\Source\RemObjects.SDK\ClientChannels\ClientChannel.cs:line 332
at Chronicle.DataAccess.Remote2.VersionService_Proxy.GetVersionInfo() in C:\Users\Todd\documents\visual studio 2015\Projects\LatestClientTest\LatestClientTest\Chronicle_DataAccess_Remote2_Intf.cs:line 13435
at LatestClientTest.MainForm.btnVersion_Click(Object sender, EventArgs e) in C:\Users\Todd\documents\visual studio 2015\Projects\LatestClientTest\LatestClientTest\MainForm.cs:line 127

I then referred to the this article. And added this to the client:

    #region Constructors
    public DataModule()
    {
        this.InitializeComponent();
        this.message.ClientID = Guid.NewGuid();

        this.IsLoggedOn = false;
        CheckCert();
    }
    private void CheckCert()
    {
        string hash = string.Empty;
        this.clientChannel.SslOptions.ValidateRemoteCertificate += (sender, e) =>
        {
            e.Cancel = false;
            hash = e.Certificate.GetCertHashString();
            //e.Cancel = e.Cancel || e.Certificate.GetCertHashString() != "14A419D5339390B49045963D1BE81B39D03E5944";
        };
        MessageBox.Show(hash);
    }

and because I override the validation cancel it works. Shouldn’t this just work? Am I missing something? Please advise.

P.S. e.Certificate.GetCertHashString() return nothing

2

Hello

This method should always return something for a non-null certificate.

This means that Windows thinks that the provided certificate is not valid for some reason. Chck the SslPolicyErrors property of the event args object or open the server’s Http info page at https://localhost:8099/ and the browser will say you what is wrong with the provided certificate.

Hope that helps