3

I am developing a C# SSL Client.

This is oneway certificate validation. My client needs to do a server certificate validation.

I have added RemoteCertificateValidationCallback to SslStream.

At present, I have created a root CA cert and issued a certificate using the root CA cert for the server. I have used to openssl to generate these certificates.

I am getting RemoteCertificateChainErrors in my client's CertificateValidationCallback for the server certificate.

I am testing my client on Windows 10.

To fix this issue, I Have added the root CA cert to trusted root certification authorities .

enter image description here

Now I do not see RemoteCertificateChainErrors.

But I am not able to find a way to configure a custom trust store, as I did in the java client (jks).

I want to add my root CA to my own truststore and pass that to my C# client along with the password. When the client receives a certificate from the server it should look into that truststore for root CA cert to validate the remote certificate.

Can anyone please help?

deshapriya debesh
  • 121
  • 6

1 Answers1

0

In Java you can create your own keystores. In Windows you have the restriction to use only the keystores that already exist (Own certificates, Trusted Root Certification Authorities, ...)

Therefore, when checking the server certificate you have to specify which store your client should look at.

Also, take a look at this post: Using X509 Certificate with file and key in C#

abo
  • 131
  • 4