我在C#中开发了一个websocket-server,其中包含Linux下的Mono和名为Fleck Websockets的Websocket库
浏览器中的Javascript客户端使用websocket protocoll ws连接并顺利运行。
现在我想使用wss作为安全的websocket连接。
该库声称只需指向.pfx X509证书即可处理此问题。
我还整合了Mono Documentation中可能已过时的解决方案。
WebSocketServer server = new WebSocketServer("wss://" + Tools.LocalIPAddress() + ":" + MainClass.websocketport);
server.Certificate = new
// Mono Hack for Handling potential Certificate problems
ServicePointManager.ServerCertificateValidationCallback = Validator;
System.Security.Cryptography.X509Certificates.X509Certificate2(new System.Security.Cryptography.X509Certificates.X509Certificate(zertifikatsfile,"<password>"));
server.EnabledSslProtocols = System.Security.Authentication.SslProtocols.Tls;
public static bool Validator(System.Object sender,
X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
return true;
}
但是,一旦wss-client(浏览器)尝试连接,程序就会抛出后续错误/警告
[Warn] Failed to Authenticate System.AggregateException: One or more errors occured ---> System.IO.IOException: The authentication or decryption has failed. ---> System.NotSupportedException: Unsupported security protocol type
at Mono.Security.Protocol.Tls.Context.DecodeProtocolCode (Int16 code) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.processProtocol (Int16 protocol) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.ProcessAsTls1 () [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0
at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
at Mono.Security.Protocol.Tls.ServerRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
--> (Inner exception 0) System.IO.IOException: The authentication or decryption has failed. ---> System.NotSupportedException: Unsupported security protocol type
at Mono.Security.Protocol.Tls.Context.DecodeProtocolCode (Int16 code) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.processProtocol (Int16 protocol) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.ProcessAsTls1 () [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0
at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
at Mono.Security.Protocol.Tls.ServerRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
我现在不确定如何解决这个问题。作为进一步的背景信息,证书来自letsencrypt,我用openssl将其转换为.pfx。
答案 0 :(得分:0)
System.IO.IOException:身份验证或解密失败。 ---&GT; System.NotSupportedException:不支持的安全协议类型
上述错误提示我您使用的是Debian(8.10)版本,其中包含Mono版本(4.6.2),有点旧版本。 Mono 4.8.x及更新版本包括更好的TLS /加密支持,升级到此版本并再次测试。