Reputation: 893
Using C# to communicate via SSL with SslStream. I am using certificates that I generated myself and imported into the Windows certificate store with certlm.msc. I am getting the following exception, "The credentials supplied to the package were not recognized", on SslStream.AuthenticateAsServer().
It seems to work for a little while, but then it stops. It's been pretty frustrating. I have read through many articles here but have not found a solution. I need to recreate the certificates and import them. I created the certificates like this:
Created a CA:
"C:\Program Files (x86)\Windows Kits\8.1\bin\x64\makecert.exe" ^
    -n "CN=CARoot" -r -pe -a sha512 -len 4096 -cy authority -sv CARoot.pvk ^
    -ss -sr CARoot.cer
"C:\Program Files (x86)\Windows Kits\8.1\bin\x64\pvk2pfx.exe" ^
    -pvk CARoot.pvk -spc CARoot.cer -pfx CARoot.pfx -po Test123
Create a Server certificate:
"C:\Program Files (x86)\Windows Kits\8.1\bin\x64\makecert.exe" ^
    -n "CN=%1" -iv CARoot.pvk -ic CARoot.cer -pe -a sha512 -len 4096 ^
    -sky exchange -eku 1.3.6.1.5.5.7.3.1 -sv SslServer.pvk SslServer.cer
"C:\Program Files (x86)\Windows Kits\8.1\bin\x64\pvk2pfx.exe" ^
    -pvk SslServer.pvk -spc SslServer.cer -pfx SslServer.pfx ^
    -po Test123
Create a client certificate:
"C:\Program Files (x86)\Windows Kits\8.1\bin\x64\makecert.exe" ^
    -n "CN=%1" -iv CARoot.pvk -ic CARoot.cer -pe -a sha512 ^
    -len 4096 -sky exchange -eku 1.3.6.1.5.5.7.3.2 -sv SslClient.pvk ^
    SslClient.cer
"C:\Program Files (x86)\Windows Kits\8.1\bin\x64\pvk2pfx.exe" ^
    -pvk SslClient.pvk -spc SslClient.cer -pfx SslClient.pfx -po Test123
I am basically using the sample code from MSDN, and I put both SslServer and SslClient in my lmhosts file so they resolve.
Note - in Certificate Manager, when I click on them, they say "You have a private key that corresponds to this certificate".
Upvotes: 1
Views: 3519
Reputation: 893
I think I figured it out. It was a permission issue: I was importing them into the localMachine certificate manager (certlm.msc), and after I rebooted the machine it didn't work unless I ran my app as admin. Deleting from there and installing with the currentUser Cert Man (certmgr.msc) worked.
Note - I also made certificates a slightly different way, not sure if that mattered:
makecert -ic CARoot.cer -iv CARoot.pvk -n "CN=SslServer2" -sv SslServer2.pvk -pe -sky exchange SslServer2.cer
cert2spc SslServer2.cer SslServer2.spc
pvk2pfx -pvk SslServer2.pvk -spc SslServer2.spc -pfx SslServer2.pfx -f
Upvotes: 3
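A way to check the diagnosis in the answer above, as an added example that is not part of the original posts: this C# console program looks up the certificate in both LocalMachine\My and CurrentUser\My and attempts a private-key operation as the account it runs under. The `My` store, the default subject name `SslServer`, and the class and method names are assumptions made for the example.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Principal;

static class KeyAccessCheck   // hypothetical helper, not from the original post
{
    // Returns null when the current account can use the private key, otherwise the reason.
    static string TryUsePrivateKey(X509Certificate2 cert)
    {
        if (!cert.HasPrivateKey) return "no private key is associated with this certificate";
        try
        {
            using (RSA pub = cert.GetRSAPublicKey())
            using (RSA priv = cert.GetRSAPrivateKey())
            {
                if (pub == null || priv == null) return "key is not RSA";
                // Round trip through the key-exchange key (-sky exchange); a key the
                // account cannot read fails here even though HasPrivateKey is true.
                byte[] probe = { 1, 2, 3, 4 };
                byte[] sealedProbe = pub.Encrypt(probe, RSAEncryptionPadding.OaepSHA1);
                priv.Decrypt(sealedProbe, RSAEncryptionPadding.OaepSHA1);
                return null;
            }
        }
        catch (CryptographicException ex) { return ex.Message; }
    }

    static void Main(string[] args)
    {
        string subject = args.Length > 0 ? args[0] : "SslServer"; // assumed subject name
        Console.WriteLine("Running as " + WindowsIdentity.GetCurrent().Name);
        foreach (StoreLocation location in new[] { StoreLocation.LocalMachine, StoreLocation.CurrentUser })
        {
            using (var store = new X509Store(StoreName.My, location))
            {
                store.Open(OpenFlags.ReadOnly);
                var matches = store.Certificates.Find(X509FindType.FindBySubjectName, subject, false);
                if (matches.Count == 0) Console.WriteLine("{0}\\My: no certificate for '{1}'", location, subject);
                foreach (X509Certificate2 cert in matches)
                    Console.WriteLine("{0}\\My {1} [{2}]: {3}", location, cert.Subject,
                        cert.Thumbprint, TryUsePrivateKey(cert) ?? "private key usable");
            }
        }
    }
}
```

Run it under the same account, and at the same elevation, as the server process; a certificate that reports a private key but fails the round trip points at key permissions rather than at the certificate itself.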