I am trying to use UpgradeToSslAsync() for StreamSocket in MetroApp.
The use case is :
Win32 app using socket2 first connects and communicates with talk.google.com:5222.
Later it sends schannel requests to gmail.com. It seems, win32 schannel code needs only the remote host name, (no service name or port name is required). [This phase is for user authentication]
Then my app send-s/recv-s encrypted/decrypted data to/from the talk.google.com (gmail.com).
----
Now in MetroApp, I do not have access to schannel resources. So, I wanted to use UpgradeToSslAsync. My understanding is, it should be set on the socket connection established with talk.google.com, because that's where the encrypted data goes to, and
decrypted data comes from. And, I do not need to encrypt/decrypt anything myself. But, when I try to UpgradeToSslAsync on that connection I get this error:
"The certificate's CN name does not match the passed value."
It seems to me talk.google.com server does not have valid certificate or does not clear my request for whatever value my UpgradeToSslAsync() had passed to it.
I was thinking of building a connection to gmail.com and UpgradeToSslAsync it, but that does not help me, because my communication is with talk.google.com.
So, the summary is:
Schannel allows certificate authentication from one server, and then use data transfer with another. which (probably) does not have valid certificate but does support ssl communication).
UpgradeToSslAsync() in contrast requires the server have valid certificate and then data transfer. How do I resolve the error:
"The certificate's CN name does not match the passed value." I am getting.
Thanks in advance.
Related links:
DektopApp:
InitializeSecurityContext
http://msdn.microsoft.com/en-us/library/windows/desktop/aa375924(v=vs.85).aspx
MetroApp:http://msdn.microsoft.com/en-us/library/windows/apps/windows.networking.sockets.streamsocket.upgradetosslasync
sua
Schannel by using UpgradeSllAsync - a few issues.
