Support wildcard ssl certs #12

@Nakano37

Trying to connect to one of Amazon's AWS Gamelift servers (which is also running WebsocketSimple Server) using their certs, which openssl is telling me are valid, I'm getting the following error trying to connect using WebsocketSimple Client:

Error during ConnectAsync() - The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch: 
System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch
   at System.Net.Security.SslStream.SendAuthResetSignal(ReadOnlySpan`1 alert, ExceptionDispatchInfo exception)
   at System.Net.Security.SslStream.CompleteHandshake(SslAuthenticationOptions sslAuthenticationOptions)
   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken)
   at WebsocketsSimple.Client.Models.WebsocketClientHandlerBase`5.CreateSSLConnectionAsync(CancellationToken cancellationToken)
   at WebsocketsSimple.Client.Models.WebsocketClientHandlerBase`5.ConnectAsync(CancellationToken cancellationToken)

openssl is showing this valid certificate chain being returned by the server:

% openssl s_client -connect 5j4d59jnjp266srkr61d9xpf85347tnvp4or4kym4lea0my2go.6jxfe2l66hkd7eue0ktgiuq0og84idcf.us-west-2.amazongamelift.com:38258
Connecting to 18.246.27.227
CONNECTED(00000005)
depth=2 C=US, O=Amazon, CN=Amazon Root CA 1
verify return:1
depth=1 C=US, O=Amazon, CN=Amazon RSA 2048 M03
verify return:1
depth=0 CN=*.6jxfe2l66hkd7eue0ktgiuq0og84idcf.us-west-2.amazongamelift.com
verify return:1
---
Certificate chain
 0 s:CN=*.6jxfe2l66hkd7eue0ktgiuq0og84idcf.us-west-2.amazongamelift.com
   i:C=US, O=Amazon, CN=Amazon RSA 2048 M03
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: Oct 23 00:00:00 2024 GMT; NotAfter: Nov 21 23:59:59 2025 GMT
 1 s:C=US, O=Amazon, CN=Amazon RSA 2048 M03
   i:C=US, O=Amazon, CN=Amazon Root CA 1
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: Aug 23 22:26:04 2022 GMT; NotAfter: Aug 23 22:26:04 2030 GMT
---

so I assume it's the wildcard cert that is causing it to fail.
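
An added example, not part of the original issue or of WebsocketsSimple's code: `RemoteCertificateNameMismatch` concerns only the comparison between the name the client validates against and the names in the certificate, a comparison that `openssl s_client` does not perform unless it is given `-verify_hostname`. The Python sketch below applies the usual left-most-label wildcard rule to the names visible in that output. It assumes the certificate's SAN carries the same name as the CN shown, and `name_matches` and `check_target` are hypothetical helpers.

```python
import ipaddress

# Values copied from the openssl output in the issue.
CERT_NAME = "*.6jxfe2l66hkd7eue0ktgiuq0og84idcf.us-west-2.amazongamelift.com"
HOST = ("5j4d59jnjp266srkr61d9xpf85347tnvp4or4kym4lea0my2go."
        "6jxfe2l66hkd7eue0ktgiuq0og84idcf.us-west-2.amazongamelift.com")
IP = "18.246.27.227"
PARENT = CERT_NAME[2:]  # constructed: the wildcard's parent domain


def _labels(name):
    return name.rstrip(".").lower().split(".")


def name_matches(pattern, host):
    """True if a certificate dNSName (possibly wildcard) covers host."""
    p, h = _labels(pattern), _labels(host)
    if len(p) != len(h) or "" in p or "" in h:
        return False  # a wildcard never spans more than one label
    if p[0] == "*":
        # Whole left-most label only, and never directly under a TLD.
        return len(p) >= 3 and p[1:] == h[1:]
    if "*" in pattern:
        return False  # partial or non-left-most wildcards are rejected
    return p == h


def check_target(target, cert_dns_names):
    """Return (ok, reason) for the name a client validates against."""
    try:
        ipaddress.ip_address(target)
        return False, "target is an IP literal; dNSName entries never cover it"
    except ValueError:
        pass
    for name in cert_dns_names:
        if name_matches(name, target):
            return True, "covered by " + name
    return False, "no certificate name covers " + target


if __name__ == "__main__":
    # Constructed set of target names a client could end up validating.
    for target in (HOST, IP, PARENT, "extra." + HOST):
        ok, reason = check_target(target, [CERT_NAME])
        print("match   " if ok else "MISMATCH", target[:40], "->", reason)
```

Under this rule the full host name from the `openssl` command is covered by the wildcard, while an IP literal, the bare parent domain, or a name with an extra label is not.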
