
After resolving my problem related to XMLRPC.NET + HTTPS, I made some successful tests on Windows with this XMLRPC client/server sample solution but could not get the client (running on Mono Linux) to connect to the server (running on Windows 7). I am using self-generated certificates of course for testing (both in client and server), but it does not work for the client on Linux.

As you can see, the client code generates an X509 certificate on start:

```csharp
System.Net.ServicePointManager.CertificatePolicy = new TrustAllCertificatePolicy();
IStateName proxy = XmlRpcProxyGen.Create<IStateName>();
XmlRpcClientProtocol cp = (XmlRpcClientProtocol)proxy;
cp.Url = "https://127.0.0.1:5678/";
cp.ClientCertificates.Add(new System.Security.Cryptography.X509Certificates.X509Certificate(@"C:\path\to\your\certificate\file\my.cer"));
cp.KeepAlive = false;
```

and it is designed to accept all certificates, even untrusted ones. But despite this, it still does not work.

Also, some tests using wget show that `wget https://www.google.com/` successfully contacts the server and downloads the certificate, but not in my case with `wget https://192.168.1.3:5678/`, even with `--no-check-certificate`.

Does anyone have an idea of what's going on? Thank you very much.

OlivierB

1 Answer


Quick answer: Your .cer file does not contain a private key so it cannot be used for client certificates.

Longer answers

So how does it work on Windows? CryptoAPI will query its certificate store to see if a private key, matching the certificate, exists. If it does then it will load it automagically.

How can it work on Mono? The easiest solution is to create an `X509Certificate2` instance that loads a PKCS#12 file (i.e. generally suffixed by .pfx or .p12). That file (if generated properly) will include both the X.509 certificate and the private key, allowing Mono to use the certificate in this context.

poupou
  • Hi and thanks, poupou. So if I understand well, on Mono I need to create a PKCS file (using makecert?) and then load this file using the `X509Certificate2` class? – OlivierB Oct 27 '11 at 20:58
  • Mono's makecert can create PKCS#12 files. Older (not sure for newer) versions of Microsoft makecert could not. But **yes** once you got a PKCS#12 file then you'll be able to use `X509Certificate2` to read it (with optional password to protect the private key) – poupou Oct 27 '11 at 21:15
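
The difference the answer describes, shown as an added example that is not part of the original question or answer: the same certificate loaded from DER (`.cer`) bytes and from PKCS#12 (`.pfx`) bytes, with a check on `HasPrivateKey` before it is handed to `ClientCertificates`. It assumes a runtime that provides `CertificateRequest` (.NET Core 2.0+ or .NET Framework 4.7.2+); `LoadClientCertificate` is a hypothetical helper, and the subject name and password are constructed test values.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class ClientCertDemo
{
    // Hypothetical helper: load certificate bytes and refuse anything that
    // lacks a private key, since it cannot answer a TLS client-auth challenge.
    public static X509Certificate2 LoadClientCertificate(byte[] raw, string password)
    {
        var cert = new X509Certificate2(raw, password);
        if (!cert.HasPrivateKey)
        {
            cert.Dispose();
            throw new CryptographicException(
                "Certificate has no private key; load a PKCS#12 (.pfx/.p12) file instead of a .cer.");
        }
        return cert;
    }

    static void Main()
    {
        // Constructed test material: a throwaway self-signed certificate.
        using (RSA rsa = RSA.Create(2048))
        {
            var request = new CertificateRequest("CN=constructed-test-client", rsa,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            using (X509Certificate2 generated = request.CreateSelfSigned(
                DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1)))
            {
                byte[] cer = generated.Export(X509ContentType.Cert);   // public part only, like my.cer
                byte[] pfx = generated.Export(X509ContentType.Pfx, "constructed-password"); // cert + key

                using (var publicOnly = new X509Certificate2(cer))
                    Console.WriteLine("DER .cer     HasPrivateKey = " + publicOnly.HasPrivateKey);

                using (X509Certificate2 usable = LoadClientCertificate(pfx, "constructed-password"))
                {
                    Console.WriteLine("PKCS#12 .pfx HasPrivateKey = " + usable.HasPrivateKey);
                    // With the proxy from the question: cp.ClientCertificates.Add(usable);
                }

                // The .cer bytes are rejected before they ever reach the TLS handshake.
                try { LoadClientCertificate(cer, null); }
                catch (CryptographicException e) { Console.WriteLine("Rejected: " + e.Message); }
            }
        }
    }
}
```

Failing early on `HasPrivateKey` turns a silent handshake failure into an explicit error at load time.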