我用C#开发了一个websocket-server,在linux和名为Fleck Websockets的Websocket库
浏览器中的 JavaScript 客户端与 websocket 协议 ws 连接并顺利运行。
现在我想使用 wss 作为安全的 websocket 连接。
该库声称能够通过仅指向 .pfx X509 证书来处理此问题。
我还合并了单声道文档中的解决方案,该解决方案可能已经过时了。
WebSocketServer server = new WebSocketServer("wss://" + Tools.LocalIPAddress() + ":" + MainClass.websocketport);
server.Certificate = new
// Mono Hack for Handling potential Certificate problems
ServicePointManager.ServerCertificateValidationCallback = Validator;
System.Security.Cryptography.X509Certificates.X509Certificate2(new System.Security.Cryptography.X509Certificates.X509Certificate(zertifikatsfile,"<password>"));
server.EnabledSslProtocols = System.Security.Authentication.SslProtocols.Tls;
public static bool Validator(System.Object sender,
X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
return true;
}
但是,一旦 wss-client(浏览器(尝试连接,程序就会抛出以下错误/警告
[Warn] Failed to Authenticate System.AggregateException: One or more errors occured ---> System.IO.IOException: The authentication or decryption has failed. ---> System.NotSupportedException: Unsupported security protocol type
at Mono.Security.Protocol.Tls.Context.DecodeProtocolCode (Int16 code) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.processProtocol (Int16 protocol) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.ProcessAsTls1 () [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0
at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
at Mono.Security.Protocol.Tls.ServerRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
--> (Inner exception 0) System.IO.IOException: The authentication or decryption has failed. ---> System.NotSupportedException: Unsupported security protocol type
at Mono.Security.Protocol.Tls.Context.DecodeProtocolCode (Int16 code) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.processProtocol (Int16 protocol) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Server.TlsClientHello.ProcessAsTls1 () [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0
at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
at Mono.Security.Protocol.Tls.ServerRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
我现在不确定如何着手克服这个问题。作为进一步的背景信息,证书来自letsencrypt 我用openssl将其转换为.pfx。
System.IO.IOException:身份验证或解密失败。 ---> 系统不支持异常:不支持的安全协议类型
上面的这个错误暗示我你使用的是 Debian (8.10( 版本,其中包括一个有点旧的 Mono (4.6.2( 版本。Mono 4.8.x 及更高版本包含更好的 TLS/加密支持,请升级到此版本并再次测试。