Join GitHub today
Disabled client certificate request for HttpConnection (HttpListener)… #2817
Enforcing HttpListener connections to validate client certificates by default render HttpListener unusable for most cases.
It was hardcoded to request the certificate, now it's disabled.
It should be extended to be configurable.
Also an small typo on x509 chain is corrected.
However, it looks like you haven't signed our CLA (Contributor License Agreement) yet. In order for us to accept your pull request, you have to sign our CLA first.
You can read and sign our full Contributor License Agreement here.
Your friendly Xamarin CLA Bot#
Hello! I'm the build bot for the Mono project. I need approval from a Mono team member to build this pull request. A team member should reply with "approve" to approve a build of this pull request, "whitelist" to whitelist this and all future pull requests from this contributor, or "build" to explicitly request a build, even if one has already been done. Contributors can ignore this message.
referenced this pull request
Mar 31, 2016
Before this can be merged, the following questions need to be answered:
[ ] What is the behavior of the same API on Windows
I do not like this patch, because users that have managed to use this API are requiring these checks, so this is effectively lowering the expected security that users would have. If something like this were to be done, we would need to figure out a communications plan.
Additionally, perhaps what we need to do is teach users how to use LetsEncrypt to make this easier, or even bundle a command line tool to make this easier.
The asnwers are the same as two years ago, by default Windows deactivates the client certificates, and to enable them you must use the certmgr tool with an special parameter.
I think nobody is using the HttpListener with SSL because this issue, there are a lot of complains about it, you can find them on ServiceStack, CouchBase, a bunch of posts on StackOverflow, etc etc.
I though this patch was forgot but a message of lewurm asked me to update it to pass it the CI, so I updated the solution (because the patch was for an older version and was worse to update all than modifying it again) and created the new pull request only because that.
Miguel, I run into the same issue; I get a prompt for a client side certificate, only on Mac; on Windows no prompt. Found this article from Microsoft which might give you the switch you're looking for: