EldoS | Feel safer!

Software components for data protection, secure storage and transfer

vrIdentityMismatch (error code 512) in C# SSLSocketDemo client sample

Posted: 10/28/2014 11:05:22
by Matthew Memmesheimer (Basic support level)
Joined: 10/28/2014
Posts: 4

I am currently evaluating Secure Blackbox as a possibility for a project. I was trying to create a simple SSL socket client in my application and noticed that no matter what server I connect to (even publicly known good servers like google.com and microsoft.com) I was getting vrIdentityMismatch error when trying to validate the certificate. I then proceeded to check my code against the provided sample applications.

The sample in Samples/C#/SSLBlackbox/Desktop/Client/SSLClientDemo/SSLSocketDemo.sln seemed to fit my needs, so I ran it (unmodified except for my trial license key), ensuring that the "Strict certificate validation" option was checked in the GUI. The server I wanted to connect to was still getting the vrIdentityMismatch error, so I tried it with the "built-in" servers that are already in the sample code (www.microsoft.com, www.ibm.com, etc). These servers also produced this error. Is there something I am missing here? Why does even the sample application not properly validate the SSL certificates of sites that should be known to be working? I doubt this is an issue with the certificates of all of these websites (Google, Microsoft, IBM, etc).
Posted: 10/28/2014 11:21:43
by Eugene Mayevski (Team)

Should work correctly ...

Let's continue in HelpDesk ( https://www.eldos.com/helpdesk/ ) please. I have created a new support ticket based on your above message. You will see your (and only your) support tickets by following this URL. You will also get e-mail notifications about updates related to your support ticket.

Sincerely yours
Eugene Mayevski
Posted: 05/22/2015 02:12:55
by Yves Janssens (Basic support level)
Joined: 05/22/2015
Posts: 2

I'm currently experiencing the same issue with the SSLSocketDemo, the WinRT HTTPGet sample, and my own Windows Phone 8 app. The desktop HTTPGet sample seems to work.
Was the cause of this problem ever found?
Posted: 05/22/2015 02:44:38
by Eugene Mayevski (Team)

Thank you for the report.

1) please specify which exactly version of SecureBlackbox you are using. Version number can be found in assembly properties or in changes.txt file or in SBUtils.Unit.SB_VERSION_NUMBER constant

2) please post the address or hostname that you are connecting to.

I have some ideas why this happens, but to confirm them I need to see what you pass to the component in its Address property.

Could you please post

Sincerely yours
Eugene Mayevski
Posted: 05/22/2015 03:02:24
by Yves Janssens (Basic support level)
Joined: 05/22/2015
Posts: 2

Address: https://www.eldos.com

In the WinRT HTTPSGet sample I'm using the default values(www.eldos.com), but I selected HTTPS.

In the SSLSocketDemo sample I used https://www.microsoft.com and checked strict vertificate validation.
Posted: 05/22/2015 05:33:17
by Ken Ivanov (Team)

Hi Yves,

It seems to be a typo in the sample(s). Basically, the samples do not pass the web site address to the TElX509Certificate.ValidateForSSL() call, therefore inducing an identity mismatch error. The correct validation call should be made like that:

CertificateValidator.ValidateForSSL(X509Certificate, <remote host name>, <remote IP address>, TSBHostRole.hrServer, null, false, false, DateTime.Now, ref Validity, ref Reason);

Thank you for reporting the problem, we will update the samples accordingly.




Topic viewed 1234 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!