Reputation: 11
SslStream without certificate
I am designing a system in a client server architecture - TCP based. There is a requirement that all the messages between the server & client should be encrypted. So I am thinking of using SslStream class in .NET Framework.
From SslStream MSDN, my understanding is that we need to use Client & server certificates to make a proper channel & communicate.
I don't want to use any certificate specific to particular machine(client) or server. I Just wanted to have a common key between the system.
Is there any possibility to use the SSL stream without certificates??
Upvotes: 1
Views: 4121
Answers (1)
Reputation: 23721
Whilst not required by the TLS spec, the use of the .NET SslStream implementation requires that the server has a certificate (and its associated private key). This allows any client to confirm that it is communicating with the server it expects to be. Optionally, clients can also be authenticated by having them provide a client certificate to the server. So, if you want to use SslStream, you're at a minimum going to have to create a certificate for the server, because that is how this particular implementation works.
If you don't wish to use certificates at all, then there are other options. E.g. if you are planning on using your application within a Windows domain, and both client/server are Windows based, you may be able to use NegotiateStream instead. This also supports encryption/authentication, but does not use certificates, and will additionally allow you to identify the user on the other side of the connection.
Upvotes: 6
Related Questions
- C# ssl/tls with socket tcp
- .Net SslStream with Client Certificate
- SslStream and Authentication
- c# TLS client without client certificate
- C# SSL secure sockets
- c# Sockets use Ssl
- Problems using SslStream in a TLS web socket server
- C# Sockets and SslStreams
- Using SslStream with IOCP
- How to send\recive SslStream from TCP server in C#?