[英]In C# what is the point of using SslStream.AuthenticateAsServer() on the server side?
I am trying to listen for a secured TCP connection on a port.我正在尝试侦听端口上的安全 TCP 连接。 I was going through the server code example on microsoft docs.
我正在浏览微软文档上的服务器代码示例。 I am pasting here for quick reference:
我在这里粘贴以供快速参考:
static void ProcessClient (TcpClient client)
{
// A client has connected. Create the
// SslStream using the client's network stream.
SslStream sslStream = new SslStream(
client.GetStream(), false);
// Authenticate the server but don't require the client to authenticate.
try
{
sslStream.AuthenticateAsServer(serverCertificate, clientCertificateRequired: false, checkCertificateRevocation: true);
// Display the properties and settings for the authenticated stream.
DisplaySecurityLevel(sslStream);
DisplaySecurityServices(sslStream);
DisplayCertificateInformation(sslStream);
DisplayStreamProperties(sslStream);
My doubt is why server is authenticating itself?我的疑问是为什么服务器要对自己进行身份验证? Or am I missing something here.
或者我在这里错过了什么。
Perhaps you're missing the "As".也许你错过了“作为”。 That call tells the SslStream that it should prepare for the TLS handshake (where authentication happens), and that it is taking the server role in the handshake.
该调用告诉 SslStream 它应该为 TLS 握手(身份验证发生的地方)做准备,并且它在握手中扮演服务器角色。
So it's really "start the authentication phase, as the server".所以它真的是“开始身份验证阶段,作为服务器”。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.