TLS/SSL connection in WinRT

    Question

  • According to the following documentation

    http://msdn.microsoft.com/en-US/library/windows/apps/hh780595

    The TLS protocol is based on IETF RFC 5246, which is TLS version 1.2, and is only available when using the StreamSocket object as the client in the SSL/TLS negotiation.

    So, here are my questions

    1. Is there any way to initiate a secured connection which is in SSL v2/v3 or TLS v1.0 in WinRT?

    2. Is the WinRT SSL/TLS negotiation (ConnectAsync, UpgradeToSslAsync) interoperable with OpenSSL 0.9.x or OpenSSL 1.0.1? Does anyone use it as a client with OpenSSL as the server?

    Friday, April 26, 2013 9:42 AM

Answers

  • The above issue has been resolved. The summary is here...

    The StreamSocket secured connection is based on IETF RFC 5246, which is TLS version 1.2. In general, in SSL/TLS negotiation the client and server exchange ciphers between them and then decide which will be used. So this version supports up to TLS v1.2. It is also interoperable with OpenSSL ssl2/ssl3/tls.

    The new thing here is that it goes into a certification chain verification which verifies server credentials. So in Windows Store Apps the CN name of the provided certificate must be the same as the domain name of the target destination.


    Friday, May 17, 2013 6:51 PM
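
The name check described in the answer, as an added example that is not part of the original thread: a C# helper that opens a StreamSocket with TLS using either of the two calls named in the question and reports the HRESULT when validation fails. The class name `TlsProbe`, the method `OpenTlsAsync` and its parameters are hypothetical.

```csharp
using System;
using System.Threading.Tasks;
using Windows.Networking;
using Windows.Networking.Sockets;

// Hypothetical helper for illustration; not code from the thread.
public static class TlsProbe
{
    // serverName must be the DNS name the server certificate was issued to.
    // Connecting by IP address or an alias makes name validation fail even
    // when the certificate chain itself is trusted.
    public static async Task<string> OpenTlsAsync(
        string serverName, string port, bool upgradeAfterConnect)
    {
        var host = new HostName(serverName);
        using (var socket = new StreamSocket())
        {
            try
            {
                if (upgradeAfterConnect)
                {
                    // Plain TCP first, then TLS. The second argument is the
                    // name the server certificate is validated against.
                    await socket.ConnectAsync(host, port, SocketProtectionLevel.PlainSocket);
                    await socket.UpgradeToSslAsync(SocketProtectionLevel.Ssl, host);
                }
                else
                {
                    // TLS negotiated as part of the connect call.
                    await socket.ConnectAsync(host, port, SocketProtectionLevel.Ssl);
                }
                return "TLS established: " + socket.Information.ProtectionLevel;
            }
            catch (Exception ex)
            {
                // Map the HRESULT to a socket or certificate status so the
                // failing validation step is visible; the connection stays refused.
                SocketErrorStatus status = SocketError.GetStatus(ex.HResult);
                return string.Format("TLS failed: HRESULT 0x{0:X8} ({1})", ex.HResult, status);
            }
        }
    }
}
```

The app needs a network capability declared in its manifest for either call to succeed.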

All replies

  • Hello,

     

    I will involve more experts to investigate it.

    Best regards,

    Jesse


    Jesse Jiang

    Monday, April 29, 2013 2:37 AM
  • Hi all!

    I would like to hear something from an MS expert in this regard. Here I am adding another problem.

    3. Failed to get a TLS connection with MS Lync 2010 at port 5061. The error is HRESULT:0x80096004

    The signature of the certificate cannot be verified.

    4. Is there any straightforward way of verifying digital certificates and certificate authorities? A bit more clarification is needed.




    Friday, May 03, 2013 7:07 AM