TLS/SSL connection in WinRT

Question

According to following documentation

http://msdn.microsoft.com/en-US/library/windows/apps/hh780595

TLS protocol is based on IETF RFC 5246 which is TLS version 1.2 and only available in using the StreamSocket object as the client in the SSL/TLS negotiation.

So, here is my questions

1. Is there any way to initiate a secured connection which is in SSL v2/v3 or TLS v1.0 in WinRT ?

2. Is the WinRT SSL/TLS negotiation( ConnectAsync, UpgradeToSslAsync ) interoperable to OpenSSL 0.9.x or OpenSSL 1.0.1. Anyone use use it as a client and OpenSSL as server?

Answer 1

Hello,

 

 I will involve more experts to investigate it.

 

Best regards,

Jesse

---

Jesse Jiang
MSDN Community Support | Feedback to us
Develop and promote your apps in Windows Store
Please remember to mark the replies as answers if they help and unmark them if they provide no help.

Answer 2

Hi all !

I would like to here something from MS expert in this regard. Here I am adding another problem.

3.  Failed to get a TLS connection with MS lync 2010 at port 5061. The error is HRESULT:0x80096004

The signature of the certificate cannot be verified.

4. Is there any straight forward way of verifying digital certificates and certificate authorities ? a bit more clarification is need.

Answer 3

Above issue has been resolved. Summary is here...

Streamsocket secured connection is based on IETF RFC 5246 which is TLS version 1.2. In general in SSL/TLS negotiation client - server exchange ciphers among them and then decide which will be use. So this version support up to TLS v 1.2. It is also interoperable with Openssl ssl2/ssl3/tls.

The new thing is here that, it goes into a certification chain verification which verify server credentials. So in Windows Store Apps the CN name of provided certificate must be same with the domain name of target destination.