Https Listener Certificate error

Question

I did following Thing: httplistener-with-https-support I got no error through all steps but now if I want to connect to the listener, I get following Errors:

From Chrome I get: "NET::ERR_CERT_COMMON_NAME_INVALID"
From Edge I get: "DLG_FLAGS_SEC_CERT_CN_INVALID"
From Firefox I get: "SEC_ERROR_UNKNOWN_ISSUER"

This is my Code:

static void Main(string[] args)
    {
        var prefixes = "https://*:8080/";
        var listener = new HttpListener();
            listener.Prefixes.Add(prefixes);
        listener.Start();
        Console.WriteLine("Listening...");

        HttpListenerContext context = listener.GetContext();
        HttpListenerRequest request = context.Request;
        // Obtain a response object.
        HttpListenerResponse response = context.Response;
        // Construct a response.
        string responseString = "<HTML><BODY> Hello world!</BODY></HTML>";
        byte[] buffer = System.Text.Encoding.UTF8.GetBytes(responseString);
        // Get a response stream and write the response to it.
        response.ContentLength64 = buffer.Length;
        System.IO.Stream output = response.OutputStream;
        output.Write(buffer, 0, buffer.Length);
        // You must close the output stream.
        Console.ReadKey();
        output.Close();
        listener.Stop();

Here are my certifications: HERE

What did I wrong?

Who issued the certificate? What hostname are you using in the browser? What domain(s) is the certificate valid for? — phuzi, Jul 13 '18 at 14:16
I used localhost in the Browsers and I dont know what domains are in the certificate. I just did the steps and there was no specific domain i guess — Nico.E, Jul 13 '18 at 14:19
I have recently implemented HTTPS using HTTPListener and allow communication over LAN as well by add firewall rule. There is no any input required, everything is handled by C# code. I have shared full code of the solution here: https://stackoverflow.com/a/58149405/983548 — Habib Sheikh, Sep 28 '19 at 21:08

score 1 · Accepted Answer · answered Jul 13 '18 at 16:08

1

Both Edge and Chrome trust the cert because you put it in the Windows cert trust store. They both dislike it serving up requests to "localhost" because your certificate seems to have the subject CN value of vMargeBySignedCA and no Subject Alternative Name extension.

Firefox doesn't use the Windows trust store, so it doesn't trust the CA (you'd need to add it to Firefox's trust store). It reports the unknown issuer / untrusted cert prior to reporting that the name made no sense in context.

answered Jul 13 '18 at 16:08

bartonjs

23,118
2
51
90

I still dont get what I need to do. I changed the CN of the ssl cert to my hostname but I get still the same error :/ – Nico.E Jul 16 '18 at 08:30
After a Long search, this works for me in power Shell `New-SelfSignedCertificate -DnsName "localhost" -CertStoreLocation "cert:\LocalMachine\My"` – Nico.E Jul 16 '18 at 11:37

Https Listener Certificate error

1 Answers1