I have an up and running Apache Server with an letsencrypt ssl-certificate which automatically renews.
So far so fine.
I would now like to install a c# application which implements a websocket Server on this mashine.
I am using the Fleck library for this purpose which also offers wss Support.
For this purpose I Need to Point to a .pfx certificate in a line like
server.Certificate = new X509Certificate2(“MyCert.pfx”);
Letsencrypt, though, Comes with .pem files and at least fullchain.pem is nothing which would work.
What should I do to create a proper .pfx file from the existing .pem files?
But still my application is not really happy. The line
server.Certificate = new X509Certificate2(“certificate.pfx”,"");
is accepted but once the Client connects the Server tells a Long error Story (see below)
and I have no Clou how to handle this.
Best
Wuppi
=======================================================================
[Warn] Failed to Authenticate System.AggregateException: One or more errors occured —> System.IO.IOException: The authentication or de cryption has failed. —> System.NotSupportedException: Unsupported security protocol type
at Mono.Security.Protocol.Tls.Context.DecodeProtocolCode (Int16 code) [0x00000] in :0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.processProtocol (Int16 protocol) [0x00000] in :0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.ProcessAsTls1 () [0x00000] in :0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in :0
at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
at Mono.Security.Protocol.Tls.ServerRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in : 0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in :0
— End of inner exception stack trace —
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in :0
— End of inner exception stack trace —
–> (Inner exception 0) System.IO.IOException: The authentication or decryption has failed. —> System.NotSupportedException: Unsupported security protoco l type
at Mono.Security.Protocol.Tls.Context.DecodeProtocolCode (Int16 code) [0x00000] in :0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.processProtocol (Int16 protocol) [0x00000] in :0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.ProcessAsTls1 () [0x00000] in :0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in :0
at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
at Mono.Security.Protocol.Tls.ServerRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in : 0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in :0
— End of inner exception stack trace —
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in :0
That error doesn’t really explain why the TLS library had trouble establishing the connection.
Could you tell us where this TLS server is located? Is it reachable over the public Internet so that we could try connecting to it with other software?
Could you connect to it with curl or openssl s_client -connect? (curl expects an HTTPS service but openssl s_client -connect can work with any kind of TLS service.)