0

I am writing a very basic http/https server and have all the ground work laid out. it works just fine under normal circumstances. but if a users tries to connect using a different domain or ip that isn't on the certificate the sslstream throws an error and if i just catch the error and use the sslstream anyways any read or write method throws an error.

Is there anyway i can make the sslstream ignore the authentication error or implement a very basic ssl/tls system manually.

  • Give the `SslStream` constructor a `RemoteCertificateValidationCallback ` that always returns true – Charlieface Feb 26 '21 at 00:33
  • doesn't work, that callback is for when a client wants to connect to a server and wants to override the verification process. I just tested it. – BlackStone Feb 26 '21 at 00:44
  • Obviously the client is the one that needs to add the callback. You cannot force the client to ignore an authentication error – Charlieface Feb 26 '21 at 00:51
  • problem is im making a webserver that a web browser should be able to access so i cant modify the code of the client. i was hoping there was a way i could continue even with an invalid certificate because most browsers have a button to continue to the website even if the certificate isnt valid. – BlackStone Feb 26 '21 at 00:55
  • Perhaps set `SslServerAuthenticationOptions.ServerCertificate` to your self-signed cert, it may be trying to get a certificate that does not exist. Let's see your code – Charlieface Feb 26 '21 at 01:04
  • I'm not using asp.net I'm using .net framework so SslServerAuthentticationOption doesn't exist. Im not using a self signed certificate im using a valid certificate i got from lets encrypt. And it does find the certificate i have multiple checks in the code to find the certificate make sure its loaded and is a valid format and like i said in my post the server works just fine if you connect from the normal hostname it just fails to authenticate if the user uses a different hostname or uses the ip to connect. – BlackStone Feb 26 '21 at 01:27

0 Answers0