c# sockets ssl x509certificate2

Peer-peer mutual SSL authentication in .NET using socket communication


I had to do mutual SSL authentication for peer-to-peer communication, not localhost. I am doing this using the Microsoft .NET socket communication classes along with the SslStream class, with ValidateServerCertificate and ValidateClientCertificate callbacks.

For this I have created self-signed certificates comprising one root certificate, a server certificate and a client certificate. Below are the commands I am using to generate them.

Root:

    makecert.exe -n "CN=abc.com" -r -pe -a sha512 -len 4096 -cy authority -sv RootCert.pvk RootCert.cer
    pvk2pfx -pvk RootCert.pvk -spc RootCert.cer -pfx RootCert.pfx -po test123

Server:

    makecert.exe -pe -n "CN=abc.com" -a sha512 -sky exchange -eku 1.3.6.1.5.5.7.3.1 -ic RootCert.cer -iv RootCert.pvk -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 -sv ServerCert.pvk ServerCert.cer
    pvk2pfx -pvk ServerCert.pvk -spc ServerCert.cer -pfx ServerCert.pfx -po test123

Client:

    makecert.exe -pe -n "CN=abc.com" -a sha512 -sky exchange -eku 1.3.6.1.5.5.7.3.2 -ic RootCert.cer -iv RootCert.pvk -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 -sv ClientCert.pvk ClientCert.cer
    pvk2pfx -pvk ClientCert.pvk -spc ClientCert.cer -pfx ClientCert.pfx -po test123

After generating all the required certificates I am adding them to the mmc console as you have explained above. To check for mutual authentication I am using the X509Certificate2 class; while doing this, in SslPolicyErrors I am encountering an error stating RemoteCertificateNameMismatch.

I know this is a long shot, but can anyone give me any pointers on the same?


Solution

  • Hi guys, if you are still facing the same issue as the one I posted, please follow the link below. Our team worked on it and we found the solution below; hope it helps.

    SSL mutual authentication Certificate issue
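
An added example, not code from the original post or from the linked answer: the two SslStream validation callbacks and handshake calls for the setup described in the question, showing where the name that triggers RemoteCertificateNameMismatch is supplied. It assumes the root certificate is in the Trusted Root store on both peers; the names MutualTls, ConnectAsClient, AcceptAsServer, peerAddress and certName are hypothetical.

```csharp
using System.Linq;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class MutualTls
{
    const string ServerAuthOid = "1.3.6.1.5.5.7.3.1"; // -eku given to ServerCert on this page
    const string ClientAuthOid = "1.3.6.1.5.5.7.3.2"; // -eku given to ClientCert on this page

    // True only if the certificate's Enhanced Key Usage extension lists the OID.
    static bool HasEku(X509Certificate cert, string oid) =>
        new X509Certificate2(cert).Extensions
            .OfType<X509EnhancedKeyUsageExtension>()
            .SelectMany(e => e.EnhancedKeyUsages.Cast<Oid>())
            .Any(o => o.Value == oid);

    // Client side: accept the server only when there are no policy errors at all.
    // errors is tested first, so cert is non-null by the time HasEku runs.
    static bool ValidateServerCertificate(object sender, X509Certificate cert,
        X509Chain chain, SslPolicyErrors errors) =>
        errors == SslPolicyErrors.None && HasEku(cert, ServerAuthOid);

    // Server side: the same rule for the certificate the client presents.
    static bool ValidateClientCertificate(object sender, X509Certificate cert,
        X509Chain chain, SslPolicyErrors errors) =>
        errors == SslPolicyErrors.None && HasEku(cert, ClientAuthOid);

    public static SslStream ConnectAsClient(string peerAddress, int port,
        string certName, X509Certificate2 clientCert)
    {
        var tcp = new TcpClient(peerAddress, port);
        var ssl = new SslStream(tcp.GetStream(), false, ValidateServerCertificate);
        // SslStream compares targetHost (first argument) with the name in the
        // server certificate and sets RemoteCertificateNameMismatch when they
        // differ, so certName must be the certificate name ("abc.com" for the
        // certificates above), not the peer's IP address or machine name.
        // Revocation checking is off on the assumption that these test
        // certificates carry no CRL distribution point.
        ssl.AuthenticateAsClient(certName,
            new X509CertificateCollection { clientCert }, SslProtocols.None, false);
        return ssl;
    }

    public static SslStream AcceptAsServer(TcpClient tcp, X509Certificate2 serverCert)
    {
        var ssl = new SslStream(tcp.GetStream(), false, ValidateClientCertificate);
        // true = require a client certificate, which makes the handshake mutual.
        ssl.AuthenticateAsServer(serverCert, true, SslProtocols.None, false);
        return ssl;
    }
}
```

Neither callback returns true on a non-empty SslPolicyErrors value, so a name mismatch or an untrusted chain fails the handshake instead of being silently accepted.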