So I have my little server and client, and since I have multiple users connecting, I want each user to have his/her own SSL certificate for the SslStream. So basically the server has a public key for each client, and the client has his private key; when the client connects it will start the SslStream with these certificates. But the problem is that the server doesn't know which certificate it should load, because it doesn't know which client is connecting. This is my server code:
    // Inside the per-client handler. _sslStream, requestCount, rCount, dataFromClient,
    // serverResponse, sendBytes, R, EndPointHandler and ServerCertificate are fields
    // and helpers declared elsewhere in the project.
    const int maxMessageSize = 1 << 20; // assumed upper bound on one message (1 MiB)

    try
    {
        // The TLS handshake belongs before the request loop: AuthenticateAsServer runs
        // once per connection. Wrapping the same NetworkStream in a fresh SslStream on
        // every request would try to re-handshake over an already-encrypted channel.
        bool leaveInnerStreamOpen = false;
        RemoteCertificateValidationCallback validationCallback =
            new RemoteCertificateValidationCallback(ClientValidationCallback);
        LocalCertificateSelectionCallback selectionCallback =
            new LocalCertificateSelectionCallback(ServerCertificateSelectionCallback);
        // RequireEncryption refuses null-cipher suites; AllowNoEncryption would accept them.
        EncryptionPolicy encryptionPolicy = EncryptionPolicy.RequireEncryption;
        _sslStream = new SslStream(clientSocket.GetStream(),
            leaveInnerStreamOpen, validationCallback, selectionCallback, encryptionPolicy);

        X509Certificate2 certificate = ServerCertificate.Servercertificate();
        bool requireClientCertificate = false;
        // TLS 1.1 is deprecated; Tls11 can be dropped once no client still needs it.
        SslProtocols enabledSslProtocols = SslProtocols.Tls11 | SslProtocols.Tls12;
        bool checkCertificateRevocation = true;
        _sslStream.AuthenticateAsServer
            (certificate, requireClientCertificate, enabledSslProtocols, checkCertificateRevocation);

        while (true)
        {
            requestCount = requestCount + 1;

            // Length prefix. SslStream.Read may return fewer bytes than requested,
            // so loop until all 4 header bytes have arrived.
            byte[] buffer = new byte[4];
            int got = 0;
            while (got < 4)
            {
                int n = _sslStream.Read(buffer, got, 4 - got);
                if (n == 0) break;
                got += n;
            }
            if (got < 4)
                break; // client closed the connection

            int messageSize = BitConverter.ToInt32(buffer, 0);
            // The length came off the wire: bound it before allocating.
            if (messageSize <= 0 || messageSize > maxMessageSize)
                throw new InvalidDataException("bad message length: " + messageSize);

            byte[] bufferreader = new byte[messageSize];
            got = 0;
            while (got < messageSize)
            {
                int n = _sslStream.Read(bufferreader, got, messageSize - got);
                if (n == 0) throw new EndOfStreamException("connection closed mid-message");
                got += n;
            }
            Console.WriteLine(Convert.ToString(messageSize));
            rCount = Convert.ToString(requestCount);
            dataFromClient = Encoding.ASCII.GetString(bufferreader);

            serverResponse = R.Respond(dataFromClient, clientSocket);
            sendBytes = Encoding.ASCII.GetBytes(serverResponse);
            // Same framing on the way out: 4-byte length, then the payload.
            byte[] outbuffer = BitConverter.GetBytes(sendBytes.Length);
            _sslStream.Write(outbuffer, 0, 4);
            _sslStream.Write(sendBytes, 0, sendBytes.Length);
            _sslStream.Flush();
        }
    }
    catch (Exception ex)
    {
        Console.WriteLine("User Server >> " + ex.ToString());
    }
    finally
    {
        // Thread.CurrentThread.Abort() is unsupported on .NET Core; the handler
        // thread simply returns after the connection is cleaned up.
        EndPointHandler.RemoveEndPoint(clientSocket);
        clientSocket.Close();
    }
So what should happen is: first the client sends his username, and the server then looks up the matching certificate. Then it authenticates using that public certificate, and the client authenticates using the private certificate. But the problem is that I don't know how to do this, and unfortunately a lot of Googling hasn't turned up anything.

Any help is greatly appreciated,

Thanks
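The following is an added example, not the asker's code or any project's code, showing the TLS mechanism that fits the per-user-certificate setup described in the question. In TLS the server presents one server certificate, and the client's identity is carried by a client certificate during the handshake: the server passes clientCertificateRequired: true to AuthenticateAsServer, and its RemoteCertificateValidationCallback accepts the presented certificate only if it matches one of the public certificates it already holds per user. The server therefore never has to know who is connecting before the handshake, and no username has to cross the wire in clear text first. The names MutualTlsDemo, MakeCert, Pin, AcceptOne and Connect are hypothetical; the certificates are constructed in-process so the example runs without files, and it assumes .NET 6 or later.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Threading.Tasks;

static class MutualTlsDemo
{
    // Constructed test certificate: self-signed, then round-tripped through PFX so the
    // private key is stored in a form the platform TLS stack can use for a handshake.
    static X509Certificate2 MakeCert(string subject)
    {
        using var rsa = RSA.Create(2048);
        var req = new CertificateRequest(subject, rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using var ephemeral = req.CreateSelfSigned(DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1));
        return new X509Certificate2(ephemeral.Export(X509ContentType.Pfx, ""), "", X509KeyStorageFlags.Exportable);
    }

    // SHA-256 pin of a certificate; this is what the server stores per user.
    static string Pin(X509Certificate cert) => cert.GetCertHashString(HashAlgorithmName.SHA256);

    // Server side: require a client certificate and accept it only if it is one we already
    // know. Chain errors are expected because the per-user certificates are self-signed;
    // the pin, not the chain, is what authenticates the user.
    static async Task<string> AcceptOne(TcpListener listener, X509Certificate2 serverCert,
                                        Dictionary<string, string> knownUsers)
    {
        using TcpClient client = await listener.AcceptTcpClientAsync();
        using var ssl = new SslStream(client.GetStream(), false,
            (sender, cert, chain, errors) => cert != null && knownUsers.ContainsKey(Pin(cert)));
        try
        {
            await ssl.AuthenticateAsServerAsync(serverCert, clientCertificateRequired: true,
                enabledSslProtocols: SslProtocols.None, checkCertificateRevocation: false);
        }
        catch (Exception ex)
        {
            return "rejected (" + ex.GetType().Name + ")";
        }
        // The user's identity comes from the handshake, not from data sent afterwards.
        string user = knownUsers[Pin(ssl.RemoteCertificate!)];
        byte[] buf = new byte[64];
        int n = await ssl.ReadAsync(buf, 0, buf.Length);
        await ssl.WriteAsync(Encoding.ASCII.GetBytes("hello " + user));
        return user + " said: " + Encoding.ASCII.GetString(buf, 0, n);
    }

    // Client side: present its own certificate (with private key) and pin the server's
    // certificate instead of trusting whatever CAs the machine happens to trust.
    static async Task<string> Connect(int port, X509Certificate2 expectedServer, X509Certificate2 myCert)
    {
        using var tcp = new TcpClient();
        await tcp.ConnectAsync(IPAddress.Loopback, port);
        using var ssl = new SslStream(tcp.GetStream(), false,
            (sender, cert, chain, errors) => cert != null && Pin(cert) == Pin(expectedServer));
        try
        {
            await ssl.AuthenticateAsClientAsync("server", new X509CertificateCollection { myCert },
                SslProtocols.None, checkCertificateRevocation: false);
            await ssl.WriteAsync(Encoding.ASCII.GetBytes("ping"));
            byte[] buf = new byte[64];
            int n = await ssl.ReadAsync(buf, 0, buf.Length);
            return Encoding.ASCII.GetString(buf, 0, n);
        }
        catch (Exception ex)
        {
            return "handshake failed (" + ex.GetType().Name + ")";
        }
    }

    static async Task Main()
    {
        X509Certificate2 serverCert = MakeCert("CN=server");
        X509Certificate2 aliceCert = MakeCert("CN=alice");   // alice keeps this private key
        X509Certificate2 impostor = MakeCert("CN=alice");    // same name, unknown key: must be rejected

        // The server holds only the PUBLIC half of each user's certificate, keyed by pin.
        var alicePublic = new X509Certificate2(aliceCert.Export(X509ContentType.Cert));
        var knownUsers = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        {
            [Pin(alicePublic)] = "alice",
        };

        var listener = new TcpListener(IPAddress.Loopback, 0);
        listener.Start();
        int port = ((IPEndPoint)listener.LocalEndpoint).Port;

        Task<string> server = AcceptOne(listener, serverCert, knownUsers);
        Console.WriteLine("alice    -> " + await Connect(port, serverCert, aliceCert));
        Console.WriteLine("server: " + await server);

        server = AcceptOne(listener, serverCert, knownUsers);
        Console.WriteLine("impostor -> " + await Connect(port, serverCert, impostor));
        Console.WriteLine("server: " + await server);
        listener.Stop();
    }
}
```

The first connection completes and the server learns the user name "alice" from the certificate pin alone; the second connection presents a certificate with the same subject but a key the server has never seen, so the server's callback returns false and the handshake is aborted before any application data is exchanged. Two points carry over to the question's own code: the handshake runs once per connection before any reads, and the client certificate is checked in the server's validation callback (or via SslStream.RemoteCertificate after AuthenticateAsServer) rather than chosen by the server from a username sent beforehand. SslProtocols.None lets the runtime pick the platform's current defaults; revocation checking is disabled here only because these self-signed test certificates have no revocation data.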