by Prakash Prabhu posted on 2004/04/01
Hi,
I used the following code to create my server socket, but it always throws an argument exception while creating a new SecureSocket.
The exception is "If a certificate is specified, it must have a private key."
Can anyone help me regarding this?
Certificate cert = Certificate.CreateFromCerFile(@"C:\Cert\a1.cer");
cert.AssociateWithPrivateKey(@"C:\Cert\a1.pvk", "hello", false);
SecurityOptions options = new SecurityOptions(
    SecureProtocol.Ssl3, // use SSL3 or TLS1
    cert, // the server certificate (must have a private key)
    ConnectionEnd.Server, // this is the server side
    CredentialVerification.None, // do not check the certificate -- this should not be used in a real-life application :-)
    null, // not used with automatic certificate verification
    "Server", // this is the common name of the Microsoft web server
    SecurityFlags.Default, // use the default security flags
    SslAlgorithms.SECURE_CIPHERS, null); // only use secure ciphers
sock = new SecureSocket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp, options);

by Pieter Philippaerts [Pieter at mentalis dot org] posted on 2004/04/01
A .cer file only contains a public key, not a private key. As a result, the Security Library cannot use that certificate since it requires access to the private key in order to successfully negotiate with another computer.
Try using .pfx files instead.
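
The difference between the two file types described in the answer above, shown with the standard .NET X509Certificate2 classes rather than the Mentalis Security Library (an added example, not part of the original thread and not the library's own code). The self-signed certificate, the password and all names are constructed here, and a current .NET SDK is assumed:

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

class CerVersusPfx
{
    static void Main()
    {
        // Constructed test certificate: self-signed and generated in memory.
        using var key = RSA.Create(2048);
        var request = new CertificateRequest(
            "CN=Server", key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using var original = request.CreateSelfSigned(
            DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(30));

        // .cer content: the DER-encoded certificate only (names, public key, signature).
        byte[] cerBytes = original.Export(X509ContentType.Cert);

        // .pfx content: a PKCS#12 container holding the certificate and the
        // password-protected private key.
        const string password = "constructed-password";
        byte[] pfxBytes = original.Export(X509ContentType.Pfx, password);

        using var fromCer = new X509Certificate2(cerBytes);
        using var fromPfx = new X509Certificate2(pfxBytes, password);

        // Both encodings describe the same certificate ...
        Console.WriteLine($"same thumbprint:     {fromCer.Thumbprint == fromPfx.Thumbprint}");
        // ... but only the PFX import carries the key a server has to sign with.
        Console.WriteLine($".cer HasPrivateKey:  {fromCer.HasPrivateKey}");
        Console.WriteLine($".pfx HasPrivateKey:  {fromPfx.HasPrivateKey}");

        // The server side signs handshake data with the private key; a peer
        // verifies it with the public key found in the certificate.
        byte[] data = Encoding.ASCII.GetBytes("constructed handshake data");
        using var privateKey = fromPfx.GetRSAPrivateKey();
        byte[] signature = privateKey.SignData(
            data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

        using var publicKey = fromCer.GetRSAPublicKey();
        bool verified = publicKey.VerifyData(
            data, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        Console.WriteLine($"verified via .cer:   {verified}");

        // The .cer import has nothing to sign with.
        Console.WriteLine($".cer key is missing: {fromCer.GetRSAPrivateKey() == null}");
    }
}
```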

by Wayne Citrin [citrin at jnbridge dot com] posted on 2004/07/27
Hi Pieter --
If this is the case, then what is the function of AssociateWithPrivateKey()? I am trying the same thing. AssociateWithPrivateKey works fine, but it doesn't seem to "take" if I call HasPrivateKey immediately after.
How, then, would one use a .cer file on a server if not by associating a .pvk file with it? You did the same thing in your sample WebServer code.
It's good to say we should use a .pfx file, but users may only have .cer files.