SSL.NET Certificate Validation vs. Mono

Question

SSL.NET Certificate Validation vs. Mono

I have a problem with SSL certificate verification in my Unity game.

I made a simple test code:

ServicePointManager.ServerCertificateValidationCallback += ServerCertificateValidationCallback; private static bool ServerCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { return true; } public void Test() { WebClient w = new WebClient(); string downloadString = w.DownloadString("https://encrypted.google.com/"); }

I implemented this in .NET 4.5 and Unity (Mono), and the problem is that this certificate is correctly verified on .NET, but in Mono I get:

 SslPolicyErrors: RemoteCertificateChainErrors ChainStatus: PartialChain RevocationStatusUnknown OfflineRevocation

Why is this happening? Do I have to install something in Mono extra to handle this?

thanks

+5

c # .net ssl mono

Tomasz Dec 13 '16 at 9:15

source share

1 answer

sakiM · Answer 1 · 2018-02-06T10:07:15+0000

The problem is that mono does not carry any root CA or CRL, see Why there are no root certificates in Mono . And if you are trying to develop a mobile game, then there was an error downloading the certificate , which returns incomplete X509Chain and was fixed in Mono 3.6.0.

According to official tips, upgrading unity to Unity2017 will be built-in mono 4.5, which would solve this annoying problem. Otherwise, you may need to install CA certificates manually .

SSL.NET Certificate Validation vs. Mono

More articles: