PLEASE HELP-AuthenticateAsClient: A call to SSPI failed - error message not helpful.
gfusion
Posted: .NET Framework Networking and Communication, PLEASE HELP-AuthenticateAsClient: A call to SSPI failed - error message not helpful.
Hello People.
I am trying to use SslStream to connect to a domain registrar's EPP interface.
I have created the correct certificates; however, before the code even looks for the certificate I get an AuthenticationException when I call AuthenticateAsClient().
No matter how I use AuthenticateAsClient() I get the following error:
A call to SSPI failed, see inner exception. The message received was unexpected or badly formatted.
What does that mean?
I have tried: Stream.AuthenticateAsClient(server, clientCertificates, enabledSslProtocols, checkCertificateRevocation)
and Stream.AuthenticateAsClient(certName)
How can I find out what this error means? No matter what certName or server name I use, I get the same error.
Here is my code:
Imports System
Imports System.IO
Imports System.Net
Imports System.Text
Imports System.Net.Sockets
Imports System.Net.Security
Imports System.Security.Authentication
Imports System.Security.Cryptography.X509Certificates

Module Module1

    Sub Main()
        Dim server As String = "203.59.162.214"
        Dim message As String = "hello"
        Dim port As Integer = 700
        Dim Stream As SslStream = Nothing
        Dim asyncCallback As AsyncCallback
        Dim asyncState As Object
        Dim returnValue As IAsyncResult

        Try
            ' Step 1.
            ' Instantiate a TcpClient with the target server and port number
            Dim client As New TcpClient(server, port)
            Console.WriteLine("Waiting for a TcpClient connection... ")

            ' Step 2.
            ' Convert the data to send into a byte array
            Dim data As [Byte]() = System.Text.Encoding.ASCII.GetBytes(message)

            ' Step 3.
            ' Specify the callback function that will act as the validation delegate. This lets you inspect the certificate to see if it meets your
            ' validation requirements.
            Dim callback As New RemoteCertificateValidationCallback(AddressOf OnCertificateValidation)

            ' Step 4.
            ' Instantiate an SslStream with the NetworkStream returned from the TcpClient.
            Stream = New SslStream(client.GetStream(), False, callback)

            ' Step 5.
            ' As a client, you can authenticate the server and validate the results using the SslStream.
            ' This is the host name of the server you are connecting to, which may or may not be the name used
            ' to connect to the server when TcpClient is instantiated.
            Dim cert As X509Certificate = X509Certificate.CreateFromCertFile("\\192.168.1.2\test\AUSTDOMAINS_OTE-cert.pem")
            'Dim certName As String = cert.GetName()
            Dim certName As String = "AUSTDOMAINS"
            Dim clientCertificates As New X509CertificateCollection
            Dim enabledSslProtocols As SslProtocols = SslProtocols.Default
            Dim checkCertificateRevocation As Boolean = True
            clientCertificates.Add(cert)
            'Stream.AuthenticateAsClient(server, clientCertificates, enabledSslProtocols, checkCertificateRevocation)
            Stream.AuthenticateAsClient(certName)

            'returnValue = Stream.BeginAuthenticateAsClient(server, asyncCallback, asyncState)
            'Console.WriteLine("IsAuthenticated: {0}", returnValue)
            If Stream.IsAuthenticated Then
                ' Indicates whether the authentication was successful.
                Console.WriteLine("IsAuthenticated: {0}", Stream.IsAuthenticated)
                ' Indicates whether both the client and server have been authenticated.
                ' In this example only the server is authenticated.
                Console.WriteLine("IsMutuallyAuthenticated: {0}", Stream.IsMutuallyAuthenticated)
                ' Indicates whether the SslStream uses data encryption.
                Console.WriteLine("IsEncrypted: {0}", Stream.IsEncrypted)
                ' Indicates whether the data sent is signed.
                Console.WriteLine("IsSigned: {0}", Stream.IsSigned)
                ' Indicates whether the current side of the connection is authenticated as a server.
                Console.WriteLine("IsServer: {0}", Stream.IsServer)
            End If

            ' Step 6.
            ' Send the message to the server.
            'Stream.Write(data, 0, data.Length)

            ' Write out what was sent to the console
            'Console.WriteLine("Sent: {0}", message)

            ' Buffer to hold data returned from the server.
            'data = New [Byte](256) {}

            ' Step 7.
            ' Read the response from the server up to the size of the buffer.
            'Dim bytes As Integer = Stream.Read(data, 0, data.Length)

            ' Step 8.
            ' Convert the received bytes into a string
            'Dim responseData As String = System.Text.Encoding.ASCII.GetString(data, 0, bytes)

            ' Write out what was received to the console - this should be an "echo" of what was sent.
            'Console.WriteLine("Received: {0}", responseData)

        Catch ex As AuthenticationException
            Console.WriteLine("AuthenticationException:")
            Console.WriteLine(ex.Message)
            Console.WriteLine(ex.InnerException.Message)
            'Console.WriteLine(ex.InnerException.Message)

        Catch ex As SocketException
            Console.WriteLine("SocketException:")
            Console.WriteLine(ex.Message)
            Console.WriteLine(ex.InnerException.Message)

        Catch ex As IOException
            Console.WriteLine("IOException:")
            Console.WriteLine(ex.Message)
            Console.WriteLine(ex.InnerException.Message)

        Finally
            ' Step 9.
            ' Make sure that the SslStream is closed.
            If Stream IsNot Nothing Then
                Stream.Close()
            End If

            Console.WriteLine("Press Enter to continue...")
            Console.Read()
        End Try

    End Sub

    ' Check the certificate for errors and to make sure it meets your security policy.
    Private Function OnCertificateValidation(ByVal sender As Object, ByVal certificate As X509Certificate, ByVal chain As X509Chain, ByVal errors As SslPolicyErrors) As Boolean

        Console.WriteLine("Server Certificate Issued To: {0}", certificate.GetName())
        Console.WriteLine("Server Certificate Issued By: {0}", certificate.GetIssuerName())

        ' Return true if there are no policy errors
        ' The certificate can also be manually verified to make sure it meets your specific policies by
        ' interrogating the x509Certificate object.
        If (errors <> SslPolicyErrors.None) Then
            Console.WriteLine("Server Certificate Validation Error")
            Console.WriteLine(errors.ToString())
            Return False
        Else
            Console.WriteLine("No Certificate Validation Errors")
            Return True
        End If
    End Function

End Module
paksys
First of all "X509Certificate.CreateFromCertFile" will ONLY accept DER format certificate and not .pem or other formats.
Secondly, change this line:
Stream.AuthenticateAsClient(certName)
TO
Stream.AuthenticateAsClient(certName, clientCertificates, SslProtocols.Tls, False)
Thirdly, try to catch your InnerException which will put you in the right direction. Add this within your AuthenticationException Catch:
If (ex.InnerException IsNot Nothing) Then
    Console.WriteLine("Inner exception: " + ex.InnerException.Message)
End If
Regards,
Khalil Ahmad
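
The suggestions in the reply above (explicit client certificates and protocol, plus reporting the inner exception) combined into one handshake helper, as an added example that is not code from either poster. The names `HandshakeDiagnostics`, `DescribeChain`, `ValidateServer` and `TryHandshake` are chosen here, and host name, port, client certificate and protocol are supplied by the caller; `Sub Main` only runs `DescribeChain` on a constructed exception chain so it works offline.

```vbnet
Imports System
Imports System.ComponentModel
Imports System.Net.Security
Imports System.Net.Sockets
Imports System.Security.Authentication
Imports System.Security.Cryptography.X509Certificates

Module HandshakeDiagnostics
    ' One line per exception level; a Win32Exception also shows its native status code.
    Function DescribeChain(ByVal ex As Exception) As String
        Dim sb As New System.Text.StringBuilder()
        While ex IsNot Nothing
            sb.Append(ex.GetType().Name).Append(": ").Append(ex.Message)
            Dim native As Win32Exception = TryCast(ex, Win32Exception)
            If native IsNot Nothing Then sb.AppendFormat(" (native code 0x{0:X8})", native.NativeErrorCode)
            sb.AppendLine()
            ex = ex.InnerException
        End While
        Return sb.ToString()
    End Function

    ' Accept the server certificate only when the platform reported no policy errors.
    Function ValidateServer(ByVal sender As Object, ByVal certificate As X509Certificate,
                            ByVal chain As X509Chain, ByVal errors As SslPolicyErrors) As Boolean
        Return errors = SslPolicyErrors.None
    End Function

    ' hostName is used both to connect and as the name expected in the server certificate.
    ' Returns True only when both sides were authenticated; failures print the whole chain.
    Function TryHandshake(ByVal hostName As String, ByVal port As Integer,
                          ByVal clientCert As X509Certificate2, ByVal protocols As SslProtocols) As Boolean
        If Not clientCert.HasPrivateKey Then Console.WriteLine("Warning: certificate object carries no private key.")
        Dim certs As New X509CertificateCollection()
        certs.Add(clientCert)
        Try
            Using client As New TcpClient(hostName, port)
                Using ssl As New SslStream(client.GetStream(), False, AddressOf ValidateServer)
                    ssl.AuthenticateAsClient(hostName, certs, protocols, True)
                    Return ssl.IsMutuallyAuthenticated
                End Using
            End Using
        Catch ex As Exception When TypeOf ex Is AuthenticationException OrElse TypeOf ex Is System.IO.IOException OrElse TypeOf ex Is SocketException
            Console.WriteLine(DescribeChain(ex))
            Return False
        End Try
    End Function
    Sub Main()
        ' Constructed sample chain mirroring the error text quoted in the question.
        Console.Write(DescribeChain(New AuthenticationException("A call to SSPI failed, see inner exception.", New Win32Exception(&H80090326, "The message received was unexpected or badly formatted"))))
    End Sub
End Module
```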