none
tcp secure connection error RRS feed

  • Question

  • Hi I am new to Ssl. I am trying to connect to a rules engine via tcp secure connection. The rules engine server has CA certificate call it "rulestest.cer". These are the steps I am following: 

    1) I copied the rules engine certificate and installed it on my laptop in the Trusted Root Certification Authority directory in mmc

     2)connect to rules engine with server ip and port: this step succeeds.

    3) create sslStream : this step also succeeds.

    4) the error occurs at sslStream.authenticateasserver("rulestest.cer") :connection was forcibly closed ...

    I  found Ssl Server\Client application in msdn and tried to experiment with it : the server console application part creates a X509Certicate2 from rulestest.cer. And in the client part I provide the same rulestest.cer as in step (4). I run the client on a new instance of visual studio. I get error:SSL server mode must use a certificate with the corresponding private key. 

    Honestly I do not understand exactly how tcp ssl works. My understanding is that when a client connects  the listening server will pass a certificate to the client. If the client has that same certificate then it can send  encrypted messages to the server. 

    What I do not understand is the private key  on the client side.How it is  created and used. 

    Please  show how I can get this console app work so that I get better understanding of the process.

     


    Saturday, August 11, 2018 9:45 PM

All replies

  • Hi,

    Can you share how you are creating certificate and which SSL protocal you are using?


    Thanks,
    Vivek Bansod
    Blog | MSDN | LinkedIn
     

    Monday, August 13, 2018 7:05 AM
  • Thanks Vivek :  the certificate was created by CA on remote server and shared. I installed it on my laptop by clicking on it and follow  steps. I added it to Root Authentication. The second scenario I created it with IIS tool (.pfx). Both of approaches generate error: the first says connection was forcibly closed. The second says: ssl server mode must have corresponding private key
    Monday, August 13, 2018 10:46 AM