I’m trying to set up a socket using SSL on .NET. All works great except that we have to skip the validation of the certificate… I suspect Mono does not ship with any root certificates and Unity is probably not using the platform’s certificates.
http://www.mono-project.com/UsingTrustedRootsRespectfully
Has anyone found a means to validate the certificates without simply accepting the certificate failure, to prevent a man-in-the-middle style attack? The Mono guides I’ve looked at indicate installing certificates, but given I am targeting iOS and Android I’m not sure how / if this is possible at the Mono level, and if it would require going down to make an iOS / Android call to validate the cert? I would have hoped that the Unity platform would delegate to the appropriate platform keystore for cert validation?
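Here’s how we skip the validation callback:

    using System.Net.Security;
    using System.Security.Cryptography.X509Certificates;

    // Wrap the TCP stream in TLS and register the validation callback.
    var secureStream = new SslStream(
        tcpclient.GetStream(),
        false,
        ValidateServerCertificate,
        null
    );

    // Logs certificate errors but returns true regardless,
    // so every certificate is accepted.
    public static bool ValidateServerCertificate(
        object sender,
        X509Certificate certificate,
        X509Chain chain,
        SslPolicyErrors sslPolicyErrors)
    {
        if (sslPolicyErrors != SslPolicyErrors.None)
        {
            Logger.WarnCh("comms", "Warn cert errors");
        }
        return true;
    }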
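
One way to reject unexpected certificates without relying on Mono's trust store is to pin the server certificate inside the same callback. This is an added example, not part of the original post: the class name `PinnedCertValidator` and the hash strings are placeholders, and pinning is a substitute for platform keystore validation, not a way of delegating to it.

```csharp
using System;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public static class PinnedCertValidator
{
    // Placeholders (constructed): hex SHA-256 of the DER-encoded server certificate.
    // Ship the current certificate and its planned successor so that
    // rotation on the server does not lock existing clients out.
    private static readonly string[] PinnedSha256 =
    {
        "REPLACE_WITH_SHA256_OF_CURRENT_SERVER_CERT",
        "REPLACE_WITH_SHA256_OF_NEXT_SERVER_CERT"
    };

    public static bool ValidateServerCertificate(
        object sender,
        X509Certificate certificate,
        X509Chain chain,
        SslPolicyErrors sslPolicyErrors)
    {
        // No certificate presented: never acceptable.
        if (certificate == null ||
            (sslPolicyErrors & SslPolicyErrors.RemoteCertificateNotAvailable) != 0)
            return false;

        // Chain errors are expected when the runtime has no trusted roots,
        // so the trust decision rests on the pin. Expiry is checked by hand
        // because the chain result is not being relied on.
        X509Certificate2 cert2 = new X509Certificate2(certificate);
        DateTime now = DateTime.Now; // NotBefore/NotAfter are local time
        if (now < cert2.NotBefore || now > cert2.NotAfter)
            return false;

        string actual;
        using (SHA256 sha = SHA256.Create())
        {
            byte[] digest = sha.ComputeHash(certificate.GetRawCertData());
            actual = BitConverter.ToString(digest).Replace("-", "");
        }

        foreach (string pin in PinnedSha256)
        {
            if (string.Equals(pin, actual, StringComparison.OrdinalIgnoreCase))
                return true;
        }
        return false; // unknown certificate: fail closed
    }
}
```

Pass `PinnedCertValidator.ValidateServerCertificate` to the `SslStream` constructor in place of the accept-all callback. Because the exact certificate is pinned, a hostname mismatch flag in `sslPolicyErrors` does not change the outcome.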