9

I implemented a very simple web server using the HttpListener in MonoTouch. Everything is working fine. Now I need to add HTTPS support. I tried to follow the steps from

Httplistener with https support

but I don't know where to set the certificates in MonoTouch. Just adding the prefix "https://*:443" doesn't help, as no connections are possible and no exceptions are thrown.

According to http://msdn.microsoft.com/en-us/library/system.net.httplistener.aspx, this might be because one has to specify a server certificate ("You can configure Server Certificates and other listener options by using HttpCfg.exe").

How can I do it in MonoTouch?

Community
  • 1
  • 1
zmit
  • 557
  • 5
  • 9

1 Answers1

7

This is a very good question. In some cases, like for HttpListener, .NET requires tools or .config files (using System.Configuration) to tweak the configuration of an application. In many cases there are API do achieve the same purpose, but not always (and not in this case).

The solution is to look at Mono's source code to see what it expects the HttpCfg.exe tool to setup for the application. From github:

string dirname = Environment.GetFolderPath (Environment.SpecialFolder.ApplicationData);
string path = Path.Combine (dirname, ".mono");
path = Path.Combine (path, "httplistener");
string cert_file = Path.Combine (path, String.Format ("{0}.cer", port));
if (!File.Exists (cert_file))
    return;
string pvk_file = Path.Combine (path, String.Format ("{0}.pvk", port));
if (!File.Exists (pvk_file))
    return;
cert = new X509Certificate2 (cert_file);
key = PrivateKey.CreateFromFile (pvk_file).RSA;

So the solution is to create the same directory structure (it's possible since it will point under the Documents directory) and copy the .cer file (binary DER-encoded certificate) and the .pvk file (which is the private key in the format that makecert creates) with the port number as the file name.

With those files in place you should be able to start the HttpListener and have it load the required certificate and private key required to handle SSL requests.

poupou
  • 43,007
  • 6
  • 74
  • 172
  • 1
    In order for it to work, the .cer and .pvk files must reside in /.config/.mono/httplistener – zmit Nov 19 '12 at 11:55
  • Thanks for posting this!! I assuming you got this working in MonoTouch? I'm trying to get it working on Monodroid. I can't figure out how to get the cert and pvk files in the right place. I added them as "Assets" but that didn't seem to work. :-( – exvance Jan 24 '13 at 23:35
  • Is it just me or does this defeat the purpose of HTTPS, since it would not be that hard to simply download the private key out of the bundle, or off of the filesystem? – borrrden Jul 21 '15 at 02:14
  • @exvance did you ever figure out where to store the files? – Peter Dec 14 '17 at 13:20