Welcome to Inkbunny...
Allowed ratings
To view member-only content, create an account. ( Hide )
Zeikcied

Anyone know C#?

I could use some help on something.  And it would be nice to know of someone I can pester whenever I have more questions.

Right now, though, I want to know how to go about setting up a program to use SSL.  I found some examples on basic HTTP request and response, but it didn't include SSL.

I have an idea that I'd like to play around with, but I need to know how to handle SSL before I can do anything.  (And I'm not sure if I should program it using Mono and GTK# or code it in my Windows XP Virtual Machine with .NET and WinForms.  The former would be easier for me because I use Linux, while the latter would make it easier to send to people for testing if necessary.)
Viewed: 34 times
Added: 7 years, 3 months ago
 
Catwheezle
7 years, 3 months ago
I've dabbled a while back, but I'm no pro.

Far as I remember, C# doesn't care whether you're using HTTP or HTTPS: use either as the URL and it'll happily create you a stream, and transparently handle any encryption necessary. C# makes your life EASY.

So this should work (untested):

try {
    Uri uri = new Uri("https://inkbunny.net/journalview.php?id=16861");
    WebRequest request = HttpWebRequest.Create(uri);
    HttpWebResponse response = (HttpWebResponse) request.GetResponse();
    Stream stream = response.GetResponseStream();
}
catch(IOException e) { Console.WriteLine("Failed to connect to URI"); }
catch(UriFormatException e) { Console.WriteLine("Bad URI format"); }
Zeikcied
7 years, 3 months ago
I get an error saying that the server returned an invalid certificate.  So...I'm confused.
Catwheezle
7 years, 3 months ago
Ah, that's a different thing: it means that HTTPS/SSL/TLS/whatever is working fine, but it thinks the certificate that the server is using, is bad.

There's probably some way to find out exactly what's bad about it from the exception (out of date, untrusted authority, etc), but odds are, your C# doesn't have the root certificate authority in its certificate store.

I'd *guess* that C# uses the same cert store as IE, so pointing IE at the URL should give you the same error. If not, I guess Google something like "add root certificate authority to C#".
Zeikcied
7 years, 3 months ago
I tested the code using Mono on Linux, so there's no IE.

I found a page in the Mono FAQ that talks about SSL root certificates, and I used certmgr to import the Inkbunny.net cert.  But when I run the program, it still throws an exception telling me that the signature is invalid.  Even certmgr complained about the signature being invalid, but it appears to have installed the certificate regardless (only after prompting me, of course).

I'm confused.  Firefox doesn't have any problem with the certificate.
Zeikcied
7 years, 3 months ago
I tried testing it against https://encrypted.google.com and it gave me the same "invalid certificate" error.  Then I found and tested some examples in the Mono documentation about handling SSL certs, and the ones I tested fail with the same error.

I'm so confused.
Catwheezle
7 years, 3 months ago
Sounds like a bug in mono, to me.

*googles "mono root certificate"*

http://www.mono-project.com/FAQ:_Security#Why_doesn.27...

Not a bug: it's their policy. They don't include *any* root certificates, and you have to install them yourself.
Zeikcied
7 years, 3 months ago
From what I've been told on the UbuntuForums, the version of Mono that comes with my Linux distro doesn't handle SSL properly.  The new version of the distro comes out next month, and hopefully it has a more current Mono.
Catwheezle
7 years, 3 months ago
Well... poo :(
Catwheezle
7 years, 3 months ago
On the other hand, if you mean you want to open a non-URI-based SSL tunnel, or something, then maybe look at System.Net.Security.SslStream.
Manafox
7 years, 3 months ago
My knowledge of C# is quite limited, so I'm not of much use here. |3;
Pentor
7 years, 3 months ago
Reading your comments, I suggest you go to www.stackoverflow.com, login and ask your question there with a much clearer description of what it is you're trying to accomplish and some code examples.

If this has to do with IRC, then yeah, most SSL connections to IRC servers use outdated certificates which the owners are never going to update.
New Comment:
Move reply box to top
Log in or create an account to comment.