Reputation: 21
How to perform custom certificate validation with WebSocket
I'm attempting to get client and server applications (developed in C# and .NET) using secure web sockets to validate the certificates within the applications.
Is there a mechanism for a WebSocket (System.Net.Websockets.WebSocket in .NET) using a secure (wss) connection to perform custom validation on a client certificate? And similarly a client WebSocket to perform custom validation of the server certificate?
For example, with the .NET class SSLStream a RemoteCertificateValidationCallback can be passed to the constructor. I assume there is a similar mechanism for WebSockets but I can't seem to find any examples or documentation.
Upvotes: 2
Views: 1968
Answers (1)
Reputation: 11
I had the same issue with the websocket client implementation and could not find any way to do that using System.Net.Websockets.WebSocket. I solved it using a System.Net.Sockets.Socket to establish the connection and then implement the client-server handshake to upgrade the Socket connection to a websocket connection with the websocket server, and also implemented other methods to send messages and to continuously read for incoming data, simulating the WebSocket behavior (you can find how to do that in several code examples and open source websocket libraries, i.e. https://github.com/kerryjiang/WebSocket4Net ).
Upvotes: 1
Related Questions
- Disable WebSocket certificate validation
- System.net.websocket ClientWebSocket with self signed certificate
- WebSocket secure connection self signed certificate
- Websocket with Client Certificate
- Secure websocket (WSS) certificate signing
- Using client certificate with WebSocket4Net
- Custom certificate validation in WCF service
- Detect invalid certificate for WebSocket
- Accept server certificate for secured websocket connection
- Validating Certificate with custom CA public key file?