SslStream AuthenticateAsClient using PFX file

851 views Asked by At

I'm trying to connect to a server using an SslStream. I've been given a PFX file from the owner of the server and I've installed it on my client but I'm not sure how to access the certificate from my code.

Specifically, imagine that I have the following code...

var serverName = "?";
var stream = new SslStream();
stream.AuthenticateAsClient(serverName);

What would the value of serverName be? I've tried
the IP address of the server
"MyServer"
"CN = MyServer"

None of these values seem to work. Is there something additional I need to do to access the cert store on my machine, or do I not understand what the serverName needs to be?

1

There are 1 answers

0
mtmk On

It must be the Common Name (CN - which is usually a fully qualified domain name) of the servers certificates subject for the host you are connecting to.

For example if the servers certificates subject looks like:

CN = www.verisign.com, OU = Production Security Services, O = VeriSign, Inc ...

you should use:

stream.AuthenticateAsClient("www.verisign.com");

If the host you are connecting to allows connections without client certificate verification then you should be able to connect to it (with a browser for example - if HTTPS) and see the server certificate, or you can try using OpenSSL client.