Bug 59192 - [Client Certificates] HttpWebRequest with HTTPS + Client Certificates fails
Summary: [Client Certificates] HttpWebRequest with HTTPS + Client Certificates fails
Alias: None
Product: iOS
Classification: Xamarin
Component: BCL Class Libraries ()
Version: XI 10.12 (d15-3)
Hardware: PC Windows
: Normal normal
Target Milestone: Future Cycle (TBD)
Assignee: Martin Baulig
Depends on: 58891
  Show dependency tree
Reported: 2017-09-02 13:11 UTC by ranson
Modified: 2017-09-15 04:04 UTC (History)
6 users (show)

Is this bug a regression?: No
Last known good build:

Repro for failure with HTTPS + ClientCertificate (244.55 KB, application/x-zip-compressed)
2017-09-02 13:11 UTC, ranson
Build logs with diagnostics verbosity (3.42 MB, text/plain)
2017-09-04 07:29 UTC, ranson
version info (4.44 KB, text/plain)
2017-09-04 07:30 UTC, ranson

Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.

Please create a new report for Bug 59192 on Developer Community or GitHub if you have new information to add and do not yet see a matching new report.

If the latest results still closely match this report, you can use the original description:

  • Export the original title and description: Developer Community HTML or GitHub Markdown
  • Copy the title and description into the new report. Adjust them to be up-to-date if needed.
  • Add your new information.

In special cases on GitHub you might also want the comments: GitHub Markdown with public comments

Related Links:

Description ranson 2017-09-02 13:11:38 UTC
Created attachment 24531 [details]
Repro for failure with HTTPS + ClientCertificate

It seems HttpWebRequest with HTTPS + Client Certificate fails since the release 10.10: not totally sure if it is broken since the 10.8 or 10.10, but the code built with the most up-to-date release available on march 5th 2017 correctly runs on all iOS devices above iOS 8.1.

I have attached a repro: I have deployed a WCF server on a Windows Azure VM that is currently listening on two endpoints. Both of them require HTTPS, and one of them requires HTTPS + Client Certificates.
In the repro, there is also a WindowsForms client that works successfully on both endpoints.
In the project XFClient.iOS, the call works correctly with HTTPS, but timed-out with HTTPS + ClientCertificates: A System.Net.WebException: Error getting response stream(ReadDone1): ReceiveFailure occurred
is raised after a while.
Comment 1 Vincent Dondain [MSFT] 2017-09-04 03:59:27 UTC

Thank you so much for the bug report.

Please include your full build logs, crash reports (if any) and all version information.

To get full build logs just set the log verbosity to diagnostic at the following locations:
- On Visual Studio for Mac: Preferences > Projects > Build
- On Visual Studio for Windows: Tools > Options > Projects and Solutions > Build and Run

On Visual Studio Windows you also want to add `-v -v -v -v` to the mtouch additional arguments by right-clicking the project in the solution explorer and selecting `Properties`.
Note: this is done automatically on Visual Studio for Mac when the log verbosity is set to diagnostic.

Easiest way to get exact version information:
- On Visual Studio for Mac: "Visual Studio" menu, "About Visual Studio" item, "Show Details" button.
- On Visual Studio for Windows: "Help menu", "About Microsoft Visual Studio" item.
Then copy/paste the version information (you can use the "Copy Information" button).
Comment 2 ranson 2017-09-04 07:29:33 UTC
Created attachment 24539 [details]
Build logs with diagnostics verbosity
Comment 3 ranson 2017-09-04 07:30:04 UTC
Created attachment 24540 [details]
version info
Comment 4 Vincent Dondain [MSFT] 2017-09-08 15:50:12 UTC

I can confirm the issue.

When deploying XFClient.iOS on either simulator or device, if you press "Endpoint 2" (the one that requires client certificates) you get a System.Net.WebException: Error getting response stream(ReadDone1): ReceiveFailure occurred after a while.

I tried this with different XI version from Xcode 9 (10.99) all the way back to XI 10.8 and it doesn't work with any of those, this is not a regression.

Please keep the WCF server on a Windows Azure VM up until we fix the issue.
Comment 5 ranson 2017-09-09 09:06:41 UTC
Not persuaded it is not regression as I have a Xamarin.iOS application published on iTunes on March 5th 2017 that works with HTTPS + Client Certificates with exactly the same code as in the repro.

It may have been broken between Xamarin XI 10.6 and 10.8, so far as 10.8 has removed the old Mono SSL/TLS provider.
Comment 6 Marek Safar 2017-09-13 11:54:37 UTC
Martin, do we have any workaround for this?