Forum: PowerTCP Sockets for .NET (Secure and Standard)
Topic: Secure Server
ianlcurtis

From: London, United Kingdom
Posts: 12
Member Since: 10/15/12
posted December 17, 2012 6:26 AM

Hi,
I have a working client-server system using the latest TCP control. I am trying to get a secure connection between the two.
I have been playing with the client server example, and creating my own development certificate, but I am not able to get it working, and there doesn't seem to be much in the help files to cover this. Could someone point me in the right direction please?
Thanks,
Ian.
Nick B (Admin)

From: Utica, NY USA
Posts: 619
Member Since: 05/25/10

posted December 17, 2012 9:54 AM

Hello,

Please:

In the Start Menu program group, open 'Install Dart Test Certificate (password is dart)'.

Run the Server sample, click on the 'No Certificate Selected' LinkLabel, choose 'PowerTCP Test Certificate', then start the server (select a valid Address, choose Echo protocol).

Run the TCP Client sample, Session>Connect, configure security to something other than 'None', and then attempt to connect to the server (on port 7). You should now be able to type into the client, and the textbox will show the replies from the server.

Does this work?

What do you mean by 'not able to get it working'?
ianlcurtis

From: London, United Kingdom
Posts: 12
Member Since: 10/15/12
posted December 18, 2012 10:26 AM

Hi Nick,
thanks for this advice, I hadn't noticed the 'Install Dart Test Certificate' option on the menu. This allows the example to work as expected.
I have created a self-signed certificate using the MS makecert utility which I have copied to the trusted root (for development purposes):

makecert -pe -n "CN=XPM3DEV.Imed.Local" -ss my -sr CurrentUser -a sha1 -sky exchange -eku 1.3.6.5.5.7.3.1 -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 "c:\Imed Dev Exchange Certificate.cer" -r

However, I receive a RemoteCertificateNameMismatch policy error when using this certificate. Is this likely to be an error in creating the certificate? Is this something that my code can ignore?
Thanks,
Ian.
Nick B (Admin)

From: Utica, NY USA
Posts: 619
Member Since: 05/25/10

posted December 18, 2012 11:13 AM

Hello Ian,

Yes, policy errors may be ignored; our TCP Client sample demonstrates this behavior in the TcpModel class, with the RemoteCertificateValidation delegate. Return a bool indicating whether you want to accept or refuse the certificate. The functionality is similar for the server.

We also demonstrate determining what issues there are with the certificate in tcpModel_CertificatePresented on the main form.

I'm sorry, we can't provide any support on the actual creation of the certificate and what errors will be likely when creating one; you will need to contact Microsoft for that.
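
As an added example (not part of the thread and not Dart's sample code): a validation callback, written against the signature of .NET's System.Net.Security.RemoteCertificateValidationCallback, that tolerates RemoteCertificateNameMismatch only for one pinned development certificate instead of returning true for every policy error. The class name, the PinnedSha256 placeholder and the way it is wired into the PowerTCP delegate are assumptions.

```csharp
using System;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Added example: accept a name mismatch only for one pinned development certificate.
public static class DevCertificatePolicy
{
    // Placeholder (assumption): SHA-256 of the development certificate's DER
    // bytes, as hex. Load it from configuration; leave it unset in production.
    public static string PinnedSha256 = "<SHA256-OF-DEV-CERT>";

    // Same parameters as System.Net.Security.RemoteCertificateValidationCallback.
    public static bool Validate(object sender, X509Certificate certificate,
                                X509Chain chain, SslPolicyErrors errors)
    {
        if (errors == SslPolicyErrors.None)
            return true;    // name and chain both validated normally

        if (certificate == null)
            return false;   // peer presented nothing to pin against

        // SslPolicyErrors is a flags enum. Requiring exact equality means a
        // chain error combined with the name mismatch is still refused.
        if (errors != SslPolicyErrors.RemoteCertificateNameMismatch)
            return false;

        // The name did not match, so trust rests entirely on this being the
        // exact certificate that was issued for development.
        return string.Equals(Sha256Hex(certificate), PinnedSha256,
                             StringComparison.OrdinalIgnoreCase);
    }

    // Hex-encoded SHA-256 over the raw DER encoding of the certificate.
    private static string Sha256Hex(X509Certificate certificate)
    {
        using (SHA256 sha = SHA256.Create())
        {
            byte[] hash = sha.ComputeHash(certificate.GetRawCertData());
            return BitConverter.ToString(hash).Replace("-", "");
        }
    }
}
```

With the framework's own SslStream the callback is passed as `new SslStream(stream, false, DevCertificatePolicy.Validate)`. The mismatch itself goes away once the name the client connects to equals the certificate's CN (XPM3DEV.Imed.Local in the makecert command above).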
ianlcurtis

From: London, United Kingdom
Posts: 12
Member Since: 10/15/12
posted December 18, 2012 12:00 PM

Hi Nick,
thanks for the advice. One last question - obviously in the example the user is prompted to select a certificate from the store when SSL is enabled. For a service running on a server machine would the certificate be best specified in the config file, and if so can the Dart control automatically pick this up? (or is there a preferred way of configuring this?)
Thanks,
Ian.
Nick B (Admin)

From: Utica, NY USA
Posts: 619
Member Since: 05/25/10

posted December 18, 2012 12:43 PM

Hello,

An X509Certificate is returned to the ClientSecurity.SelectionCallback, so you would need to maintain or retrieve the certificate yourself - we won't automatically pick something up. You can use our CertificateListForm class as a start-off point if you'd like to examine the user's certificate store for the certificate (using a plaintext config file), or you may serialize the certificate object (which is more a pointer to it in your certificate store).

However, if you add your certificate to the ClientSecurity.Certificates collection (and don't use the SelectionCallback), the first certificate that passes a few validation checks will be used (selection is performed by Microsoft's code).