Authentication failed because remote party has closed the transport stream

.net openssl x509certificate sslstream
Odelu picture Odelu · Jun 5, 2015 · Viewed 110.1k times · Source

I am developing a TCP client to connect OpenSSL server with the certificate authentication. I have using .crt and .key files shared by server team. These certificates are generated by OpenSSL commands.

I am using SslStream object to authenticate the Tcp client by calling SslStream.AuthenticateAsClient method by passing server IP, SslProtocols.Ssl3 and X509CertificateCollection.

I am getting the following error:

Authentication failed because the remote party has closed the transport stream

Answer

GuiSim picture GuiSim · Feb 10, 2016

I would advise against restricting the SecurityProtocol to TLS 1.1.

The recommended solution is to use

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls

Another option is add the following Registry key:

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 
Value: SchUseStrongCrypto

It is worth noting that .NET 4.6 will use the correct protocol by default and does not require either solution.

Related questions

How can I sign a file using RSA and SHA256 with .NET?

My application will take a set of files and sign them. (I'm not trying to sign an assembly.) There is a .p12 file that I get the private key from. This is the code I was trying to use, but …

Read More
OpenSSL encryption using .NET classes

I'm looking to create a class that uses the .NET libraries that is compatible with OpenSSL. I'm aware there is an OpenSSL.Net wrapper, but I would prefer to avoid referencing 3rd party\unmanaged code. I'm not looking for a …

Read More
How to make an HTTP POST web request

Canonical How can I make an HTTP request and send some data using the POST method? I can do a GET request, but I have no idea of how to make a POST request.

Read More