我使用SslStream构建web服务器。不过,当进行AuthenticateAsServer操作时,下面的代码会抛出异常。
static X509Certificate cert;
protected virtual Stream GetStream(TcpClient client)
{
var ss = new SslStream(client.GetStream(), false);
if (cert == null)
{
cert = X509Certificate2.CreateFromCertFile("test.cer");
}
ss.AuthenticateAsServer(cert, false, System.Security.Authentication.SslProtocols.Tls, true);
return ss;
}
我已经使用X509Certificate2加载了证书文件,为什么仍然会抛出异常(服务器模式SSL必须使用带有关联私钥的证书)?
该证书文件是使用以下命令创建的:
makecert
-pe Exportable private key
-n "CN=localhost" Subject name
-ss my Certificate store name
-sr LocalMachine Certificate store location
-a sha1 Signature algorithm
-sky signature Subject key type is for signature purposes
-r Make a self-signed cert
"test.cer" Output filename