webserver example problems

by Carlos posted on 2004/11/13

Whenever I run the webserver example with certificates generated using makecert from .NET, I have problems with the webserver responding to requests. Here is the console output of the webserver example:
This test class implements a small HTTP server that supports HTTP and HTTPS. It
always returns the same static page.
Please enter the IP address of the network adapter to listen on [use 0.0.0.0 to
listen on all installed network adapters]:
0.0.0.0
Please enter the port to listen on [or 0 to automatically select one]:
30009
Please enter the security protocol you wish to use for incoming connections:
[1] None
[2] SSL3
[3] TLS1
[4] SSL3 and TLS1
2
How do you want to load the certificate?
1 = from certificate store
2 = from PFX/P12 file
3 = from .cer file
3
Enter the full path of the certificate file:
c:\mycert.cer
The certificate is not associated with a private key. Please enter the path to a
PVK file you want to associate it with:
c:\mycert.pvk
Using the following certificate:
CERTIFICATE:
Format: X509
Name: amsoftware
Issuing CA: amsoftware
Key Algorithm: 1.2.840.113549.1.1.4
Serial Number: 59FF7CC86C49A683407D2F634C5F57DD
Key Alogrithm Parameters: 0500
Public Key: 30818902818100D16C9DD82111883DA51B6DB1DE11DF7F0AB93ACBAA88C
A609F54FB0B7A74B6170E6BD3511D55D13CAB1AFDAC8FF11E1D4427CC8EAC887A95A399D9669FECA
18A5CBCC3B29368E16CD51F04BFB2B92E489EDE1715F7147502F4F20497A4222AE82CDD0A0FA8F6D
EFAE97FCCA49C4A7C2BDE7AF7A0D68EC5AF80FFA34FF11BC4230203010001
Press CTRL-BREAK to kill the server.
Listening on 0.0.0.0:30009
Incoming socket accepted.
Receiving HTTP request...
Client closed connection too soon.
Waiting for another connection...
Incoming socket accepted.
Receiving HTTP request...
Error while receiving data from client [An error occurs while communicating with
the remote host.
Org.Mentalis.Security.Ssl.Shared.SslException: The client hello message uses a p
rotocol that was not recognized.
at Org.Mentalis.Security.Ssl.Shared.CompatibilityLayer.ProcessClientHello(Byt
e[] bytes, Int32 offset, Int32 size) in C:\downloads\seclib-1.0\seclib-1.0\secli
b\Security\Ssl\Shared\CompatibilityLayer.cs:line 147
at Org.Mentalis.Security.Ssl.Shared.CompatibilityLayer.ProcessHello(Byte[] by
tes, Int32 offset, Int32 size) in C:\downloads\seclib-1.0\seclib-1.0\seclib\Secu
rity\Ssl\Shared\CompatibilityLayer.cs:line 73
at Org.Mentalis.Security.Ssl.Shared.SocketController.OnReceive(IAsyncResult a
r) in C:\downloads\seclib-1.0\seclib-1.0\seclib\Security\Ssl\Shared\SocketContro
ller.cs:line 82].
Org.Mentalis.Security.SecurityException: An error occurs while communicating wit
h the remote host.
Org.Mentalis.Security.Ssl.Shared.SslException: The client hello message uses a p
rotocol that was not recognized.
at Org.Mentalis.Security.Ssl.Shared.CompatibilityLayer.ProcessClientHello(Byt
e[] bytes, Int32 offset, Int32 size) in C:\downloads\seclib-1.0\seclib-1.0\secli
b\Security\Ssl\Shared\CompatibilityLayer.cs:line 147
at Org.Mentalis.Security.Ssl.Shared.CompatibilityLayer.ProcessHello(Byte[] by
tes, Int32 offset, Int32 size) in C:\downloads\seclib-1.0\seclib-1.0\seclib\Secu
rity\Ssl\Shared\CompatibilityLayer.cs:line 73
at Org.Mentalis.Security.Ssl.Shared.SocketController.OnReceive(IAsyncResult a
r) in C:\downloads\seclib-1.0\seclib-1.0\seclib\Security\Ssl\Shared\SocketContro
ller.cs:line 82 ---> Org.Mentalis.Security.Ssl.Shared.SslException: The client h
ello message uses a protocol that was not recognized.
at Org.Mentalis.Security.Ssl.Shared.CompatibilityLayer.ProcessClientHello(Byt
e[] bytes, Int32 offset, Int32 size) in C:\downloads\seclib-1.0\seclib-1.0\secli
b\Security\Ssl\Shared\CompatibilityLayer.cs:line 147
at Org.Mentalis.Security.Ssl.Shared.CompatibilityLayer.ProcessHello(Byte[] by
tes, Int32 offset, Int32 size) in C:\downloads\seclib-1.0\seclib-1.0\seclib\Secu
rity\Ssl\Shared\CompatibilityLayer.cs:line 73
at Org.Mentalis.Security.Ssl.Shared.SocketController.OnReceive(IAsyncResult a
r) in C:\downloads\seclib-1.0\seclib-1.0\seclib\Security\Ssl\Shared\SocketContro
ller.cs:line 82
--- End of inner exception stack trace ---
at Org.Mentalis.Security.Ssl.SecureSocket.EndReceive(IAsyncResult asyncResult
) in c:\downloads\seclib-1.0\seclib-1.0\seclib\security\ssl\securesocket.cs:line
499
at Org.Mentalis.Security.Ssl.SecureSocket.Receive(Byte[] buffer, Int32 offset
, Int32 size, SocketFlags socketFlags) in c:\downloads\seclib-1.0\seclib-1.0\sec
lib\security\ssl\securesocket.cs:line 446
at WebServer.StartServer(IPEndPoint ep, SecureProtocol sp, Certificate cert)
in C:\downloads\seclib-1.0\seclib-1.0\Samples\SSL\WebServer\WebServer.cs:line 22
9
Waiting for another connection...
Incoming socket accepted.
Receiving HTTP request...
Client closed connection too soon.
Waiting for another connection...

by Carlos posted on 2004/11/14

Firefox finally asked me (didn't make any changes) to accept the certificate, and after that it just told me that the connection terminated unexpectedly.
Here is the console output of the webserver:
Waiting for another connection...
Incoming socket accepted.
Receiving HTTP request...
Error while receiving data from client [An error occurs while communicating with
the remote host.
Org.Mentalis.Security.Ssl.Shared.SslException: An error occurred during the decr
yption and verification process.
at Org.Mentalis.Security.Ssl.Shared.RecordLayer.UnwrapMessage(RecordMessage m
essage) in C:\downloads\seclib-1.0\seclib-1.0\seclib\Security\Ssl\Shared\RecordL
ayer.cs:line 300
at Org.Mentalis.Security.Ssl.Shared.RecordLayer.ProcessBytes(Byte[] buffer, I
nt32 offset, Int32 size) in C:\downloads\seclib-1.0\seclib-1.0\seclib\Security\S
sl\Shared\RecordLayer.cs:line 364
at Org.Mentalis.Security.Ssl.Shared.SocketController.OnReceive(IAsyncResult a
r) in C:\downloads\seclib-1.0\seclib-1.0\seclib\Security\Ssl\Shared\SocketContro
ller.cs:line 88].
Org.Mentalis.Security.SecurityException: An error occurs while communicating wit
h the remote host.
Org.Mentalis.Security.Ssl.Shared.SslException: An error occurred during the decr
yption and verification process.
at Org.Mentalis.Security.Ssl.Shared.RecordLayer.UnwrapMessage(RecordMessage m
essage) in C:\downloads\seclib-1.0\seclib-1.0\seclib\Security\Ssl\Shared\RecordL
ayer.cs:line 300
at Org.Mentalis.Security.Ssl.Shared.RecordLayer.ProcessBytes(Byte[] buffer, I
nt32 offset, Int32 size) in C:\downloads\seclib-1.0\seclib-1.0\seclib\Security\S
sl\Shared\RecordLayer.cs:line 364
at Org.Mentalis.Security.Ssl.Shared.SocketController.OnReceive(IAsyncResult a
r) in C:\downloads\seclib-1.0\seclib-1.0\seclib\Security\Ssl\Shared\SocketContro
ller.cs:line 88 ---> Org.Mentalis.Security.Ssl.Shared.SslException: An error occ
urred during the decryption and verification process.
at Org.Mentalis.Security.Ssl.Shared.RecordLayer.UnwrapMessage(RecordMessage m
essage) in C:\downloads\seclib-1.0\seclib-1.0\seclib\Security\Ssl\Shared\RecordL
ayer.cs:line 300
at Org.Mentalis.Security.Ssl.Shared.RecordLayer.ProcessBytes(Byte[] buffer, I
nt32 offset, Int32 size) in C:\downloads\seclib-1.0\seclib-1.0\seclib\Security\S
sl\Shared\RecordLayer.cs:line 364
at Org.Mentalis.Security.Ssl.Shared.SocketController.OnReceive(IAsyncResult a
r) in C:\downloads\seclib-1.0\seclib-1.0\seclib\Security\Ssl\Shared\SocketContro
ller.cs:line 88
--- End of inner exception stack trace ---
at Org.Mentalis.Security.Ssl.SecureSocket.EndReceive(IAsyncResult asyncResult
) in c:\downloads\seclib-1.0\seclib-1.0\seclib\security\ssl\securesocket.cs:line
499
at Org.Mentalis.Security.Ssl.SecureSocket.Receive(Byte[] buffer, Int32 offset
, Int32 size, SocketFlags socketFlags) in c:\downloads\seclib-1.0\seclib-1.0\sec
lib\security\ssl\securesocket.cs:line 446
at WebServer.StartServer(IPEndPoint ep, SecureProtocol sp, Certificate cert)
in C:\downloads\seclib-1.0\seclib-1.0\Samples\SSL\WebServer\WebServer.cs:line 22
9
Waiting for another connection...

by Carlos posted on 2004/11/14

I found a similar post http://www.mentalis.org/forum/thread.qpx/107
but putting -sky signature isn't fixing it yet!

by Carlos posted on 2004/11/15

I got it to work using different params on makecert:
C:\Program Files\Microsoft Visual Studio .NET 2003\Common7\Tools\Bin>makecert -sk "ssldemo" -pe -r -e "12/01/2004" -sky Exchange -sy 12 -sp "Microsoft RSA SChannel Cryptographic Provider" -n "CN=localhost,OU=foounit,O=foodev" -ss MY -eku 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2
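
One way to confirm that a certificate in the store carries the properties the working makecert command sets (key type from -sky, provider from -sp/-sy, and the server-authentication EKU). This is an added example, not part of the original thread; the function name Get-TlsServerCertReadiness and the use of the current-user store are assumptions.

```powershell
# Added example, not from the thread. Assumes Windows PowerShell 5.1 and a
# CSP-backed RSA key, which is what makecert with -sp/-sy creates.
function Get-TlsServerCertReadiness {
    param(
        [string]$SubjectMatch = 'CN=localhost',         # from the post's -n argument
        [string]$StorePath    = 'Cert:\CurrentUser\My'  # assumption: -ss MY without -sr uses the current-user store
    )
    $serverAuthOid = '1.3.6.1.5.5.7.3.1'  # first OID in the post's -eku list (server authentication)

    Get-ChildItem -Path $StorePath |
        Where-Object { $_.Subject -like "*$SubjectMatch*" } |
        ForEach-Object {
            $cert = $_
            $csp  = $null
            if ($cert.HasPrivateKey) {
                try {
                    $key = $cert.PrivateKey
                    if ($key -is [System.Security.Cryptography.RSACryptoServiceProvider]) {
                        $csp = $key.CspKeyContainerInfo
                    }
                } catch {
                    # CNG-backed or inaccessible key: leave $csp empty, reported as 'unknown' below
                }
            }

            # Collect EKU OIDs; a certificate without the extension is valid for any usage
            $eku = @($cert.Extensions |
                Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] } |
                ForEach-Object { $_.EnhancedKeyUsages } |
                ForEach-Object { $_.Value })

            [pscustomobject]@{
                Subject       = $cert.Subject
                Thumbprint    = $cert.Thumbprint
                NotAfter      = $cert.NotAfter
                HasPrivateKey = $cert.HasPrivateKey
                KeySpec       = if ($csp) { $csp.KeyNumber }    else { 'unknown' }  # Exchange or Signature (-sky)
                Provider      = if ($csp) { $csp.ProviderName } else { 'unknown' }  # -sp
                ProviderType  = if ($csp) { $csp.ProviderType } else { 'unknown' }  # -sy; 12 = PROV_RSA_SCHANNEL
                ServerAuthEku = ($eku.Count -eq 0) -or ($eku -contains $serverAuthOid)
            }
        }
}

Get-TlsServerCertReadiness | Format-List
```

For a certificate created with the command in the post, the expected report is KeySpec Exchange, ProviderType 12 and ServerAuthEku True.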