Tags: ssl, cryptography, certificate, tcpclient, sslstream

SslStream on TCP Server fails to validate client certificate with RemoteCertificateNotAvailable


This question is all about solving a SslPolicyError.RemoteCertificateNotAvailable error.

I have developed a TCP Server with SSLStream and a TCP Client for the other end.

I authenticate the server with:

sslStream.BeginAuthenticateAsServer 

I authenticate the client with:

sslStream.BeginAuthenticateAsClient

I am loading my client certificate from Trusted Publishers - Local Machine.

Both are running on the same machine.

I tried loading the client certificate from the .cer and .pfx files rather than the trusted publishers store. But the server's client (remote) certificate validator callback fails by finding that SslPolicyErrors has a RemoteCertificateNotAvailable error.


Solution

  • The link didn't come through, but there's a problem I can spot with the statement: "I loaded my client certificate from Trusted Publishers"

    Client certificates (i.e. those including Client Authentication in their Enhanced Key Usage field) typically live in the Personal store for a user account. You always need a private key for a certificate in order to "be" the entity from that certificate.

    Same with Server certificates (which have a different Intended Purpose OID associated with them, though - Server Authentication). It'd be odd for you to have a cert with a private key available in the Trusted Publishers store, I think.

    If you double-click a client or server certificate in CertMgr.msc, you should see a "This certificate has a private key"-type message towards the bottom.

    If you don't, you only have half a key pair - signatures and authentication require the private key. (The server cert needs a private key at the server end, and the client cert needs a private key at the client end.)
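The answer's point in code, as an added C# example that is not part of the question or the answer: the server asks for a client certificate and fails the handshake when none arrives, and the client loads its certificate from the Personal store and refuses to start the handshake unless the certificate carries a private key. It uses the synchronous AuthenticateAsServer/AuthenticateAsClient overloads rather than the Begin* calls from the question; the method names, the thumbprint lookup and the `serverName` parameter are assumptions for illustration.

```csharp
using System;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;

static class MutualTlsExample
{
    // Server side: the validation callback sees RemoteCertificateNotAvailable
    // when the client sent no certificate at all (typically because the one it
    // loaded has no private key). Treat that as a hard failure.
    static bool ValidateClientCertificate(object sender, X509Certificate certificate,
        X509Chain chain, SslPolicyErrors errors)
    {
        if ((errors & SslPolicyErrors.RemoteCertificateNotAvailable) != 0)
        {
            Console.Error.WriteLine("Client presented no certificate; rejecting.");
            return false;
        }
        // Also reject chain or name problems; only a clean result is accepted.
        return errors == SslPolicyErrors.None;
    }

    static SslStream AuthenticateServer(TcpClient tcp, X509Certificate2 serverCert)
    {
        var ssl = new SslStream(tcp.GetStream(), false, ValidateClientCertificate);
        // clientCertificateRequired: true is what makes the server request a client cert.
        ssl.AuthenticateAsServer(serverCert, clientCertificateRequired: true,
            enabledSslProtocols: SslProtocols.Tls12, checkCertificateRevocation: false);
        return ssl;
    }

    // Client side: load from the Personal (My) store, not Trusted Publishers, and
    // check HasPrivateKey up front. Without a private key SslStream silently sends
    // no certificate, which surfaces on the server as RemoteCertificateNotAvailable.
    static X509Certificate2 LoadClientCertificate(string thumbprint)
    {
        using var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        var found = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, validOnly: false);
        if (found.Count == 0)
            throw new InvalidOperationException("Client certificate not found in Personal store.");
        var cert = found[0];
        if (!cert.HasPrivateKey)
            throw new InvalidOperationException("Client certificate has no private key; only half a key pair.");
        return cert;
    }

    static SslStream AuthenticateClient(TcpClient tcp, string serverName, X509Certificate2 clientCert)
    {
        var ssl = new SslStream(tcp.GetStream(), false);
        ssl.AuthenticateAsClient(serverName, new X509CertificateCollection { clientCert },
            SslProtocols.Tls12, checkCertificateRevocation: false);
        return ssl;
    }
}
```

The same private-key requirement applies to `serverCert`: a server certificate without its private key fails in AuthenticateAsServer before any client certificate is ever requested.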