EppLib.net-使用哪个SSL证书

Question

When using EppLib.net (and as per the Nominet instructions - http://registrars.nominet.uk/namespace/uk/registration-and-domain-management/registrar-systems/epp/testbed )

In order to verify the identity of the secure server you will need the 'Verisign Class 3 Public Primary Certification Authority' root certificate available free from www.verisign.com (the certificate is also distributed with most web browsers).

I am supplying the Verisign Class 3 PPCA Certs in .crt format (I can't export as a pfx) within the code (and have tried every cert installed on the server).

However each one fails with the error (when trying to negotiate the connection):

An existing connection was forcibly closed by the remote host.

I've confirmed that I can connect from the server to Nominet by running cURL

curl -v https://testbed-epp.nominet.org.uk:700

and that responds as I would expect - or at least without an error!

I have also tried to use the same cert that curl appears to be using without success.

Can anyone help with pointing me in the right direction with the SSL that I should be using or how to get hold of the correct certificate?

thanks in advance

Answer 1

For anyone having a similar issue, it wasn't a question of which SSL certificate to use, but to ensure the correct protocol was being used. Incidentally, I got it working initially using the curl-ca-bundle.crt provided with cURL.

This certificate, in combination with a change to the target .net framework for the EppLib.net project resolved my issue.

On cloning from Github the target was .net 4.0 and Nominet needs at least TLS1.1, which wasn't available in v4.

Therefore I also updated the target to 4.5.1 for the EppLib.net project and changed the SslProtocol from

SslProtocol.Tls to

SslProtocol.Tls12