I developed a websocket-server in C# with Mono under linux and the Websocket library called Fleck Websockets
Javascript clients in Browsers are connecting and running smoothly with the websocket protocoll ws.
Now I want to use wss as the secure websocket connection.
The library claims to be able to handle this by just pointing to the .pfx X509 certificate.
I also incorporated the solution from Mono Documentation which might be outdated though.
WebSocketServer server = new WebSocketServer("wss://" + Tools.LocalIPAddress() + ":" + MainClass.websocketport);
server.Certificate = new
// Mono Hack for Handling potential Certificate problems
ServicePointManager.ServerCertificateValidationCallback = Validator;
System.Security.Cryptography.X509Certificates.X509Certificate2(new System.Security.Cryptography.X509Certificates.X509Certificate(zertifikatsfile,"<password>"));
server.EnabledSslProtocols = System.Security.Authentication.SslProtocols.Tls;
public static bool Validator(System.Object sender,
X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
return true;
}
However, once a wss-client (Browser) tries to connect, the programm throws the folling error/warning
[Warn] Failed to Authenticate System.AggregateException: One or more errors occured ---> System.IO.IOException: The authentication or decryption has failed. ---> System.NotSupportedException: Unsupported security protocol type
at Mono.Security.Protocol.Tls.Context.DecodeProtocolCode (Int16 code) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.processProtocol (Int16 protocol) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.ProcessAsTls1 () [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0
at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
at Mono.Security.Protocol.Tls.ServerRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
--> (Inner exception 0) System.IO.IOException: The authentication or decryption has failed. ---> System.NotSupportedException: Unsupported security protocol type
at Mono.Security.Protocol.Tls.Context.DecodeProtocolCode (Int16 code) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.processProtocol (Int16 protocol) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.ProcessAsTls1 () [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0
at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
at Mono.Security.Protocol.Tls.ServerRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
I am now not sure how to proceed to overcome the problem. As a further background information, the Certificate is from letsencrypt and I converted it with openssl to .pfx.
System.IO.IOException: The authentication or decryption has failed. ---> System.NotSupportedException: Unsupported security protocol type
This error above hints me that you're using a version of Debian (8.10) which includes a version of Mono (4.6.2) which is a bit old. Mono 4.8.x and newer includes better TLS/cryptography support, upgrade to this version and test again.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.