Bug 60576 - [Client Certificates] DUPLICATE - Renegotiation not supported
Summary: [Client Certificates] DUPLICATE - Renegotiation not supported
Alias: None
Product: Class Libraries
Classification: Mono
Component: Mono.Security ()
Version: 5.4 (2017-06)
Hardware: PC Windows
: --- normal
Target Milestone: Future Release
Assignee: Martin Baulig
Depends on:
Reported: 2017-11-08 19:07 UTC by jmparks
Modified: 2017-11-28 13:02 UTC (History)
3 users (show)

Is this bug a regression?: ---
Last known good build:

Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.

Please create a new report on GitHub or Developer Community with your current version information, steps to reproduce, and relevant error messages or log files if you are hitting an issue that looks similar to this resolved bug and you do not yet see a matching new report.

Related Links:

Description jmparks 2017-11-08 19:07:47 UTC
Application is running on Samsung Android 6.
The build is using Xamarin, Xamarin.Android 8.02.1
HttpClient implementation = Android;
SSL/TLS implementation = Native TLS 1.2+

This happens when attempting to call a web service (System.ServiceMode.ClientBase<>);
If a fiddler proxy is used between the client device and the network , it works fine.
The same code works on a Windows desktop.

 System.Net.WebException: Error getting response stream (ReadDone1): ReceiveFailure ---> System.IO.IOException: read failed ---> Mono.Btls.MonoBtlsException: Ssl error:100000b6:SSL routines:OPENSSL_internal:NO_RENEGOTIATION
  at /Users/builder/jenkins/workspace/xamarin-android/xamarin-android/external/mono/external/boringssl/ssl/s3_pkt.c:446
  at Mono.Btls.MonoBtlsContext.Read (System.Byte[] buffer, System.Int32 offset, System.Int32 size, System.Boolean& wantMore) [0x00044] in <6c708cf596db438ebfc6b7e012659eee>:0 
  at Mono.Net.Security.MobileAuthenticatedStream.ProcessRead (Mono.Net.Security.AsyncProtocolRequest asyncRequest, Mono.Net.Security.AsyncOperationStatus status) [0x00017] in <6c708cf596db438ebfc6b7e012659eee>:0 
  at Mono.Net.Security.AsyncProtocolRequest.ProcessOperation (Mono.Net.Security.AsyncOperationStatus status) [0x0006b] in <6c708cf596db438ebfc6b7e012659eee>:0 
  at Mono.Net.Security.AsyncProtocolRequest.ProcessOperation () [0x0000d] in <6c708cf596db438ebfc6b7e012659eee>:0 
  at Mono.Net.Security.AsyncProtocolRequest.StartOperation () [0x00000] in <6c708cf596db438ebfc6b7e012659eee>:0 
   --- End of inner exception stack trace ---
  at Mono.Net.Security.MobileAuthenticatedStream.EndReadOrWrite (System.IAsyncResult asyncResult, Mono.Net.Security.AsyncProtocolRequest& nestedRequest) [0x00055] in <6c708cf596db438ebfc6b7e012659eee>:0 
  at Mono.Net.Security.MobileAuthenticatedStream.EndRead (System.IAsyncResult asyncResult) [0x00000] in <6c708cf596db438ebfc6b7e012659eee>:0 
  at System.Net.WebConnection.ReadDone (System.IAsyncResult result) [0x00027] in <6c708cf596db438ebfc6b7e012659eee>:0 
   --- End of inner exception stack trace ---
  at (wrapper managed-to-native) System.Object:__icall_wrapper_mono_delegate_end_invoke (object,intptr)
  at (wrapper delegate-end-invoke) <Module>:end_invoke_object__this___object[]&_IAsyncResult (object[]&,System.IAsyncResult)
  at System.ServiceModel.MonoInternal.ClientRuntimeChannel.EndProcess (System.Reflection.MethodBase method, System.String operationName, System.Object[] parameters, System.IAsyncResult result) [0x0001f] in <475dec2c1fe44b95bbfbd21b550b63f8>:0 
  at System.ServiceModel.ClientBase`1+ChannelBase`1[TChannel,T].EndInvoke (System.String methodName, System.Object[] args, System.IAsyncResult result) [0x00045] in <475dec2c1fe44b95bbfbd21b550b63f8>:0 
  at ELDSubmissionServiceClient+ELDSubmissionServiceClientChannel.EndPing (System.IAsyncResult result) [0x00008] in C:\OnBoard\InstallTool\InstallTool\ELDSubmissionService.cs:860 
  at ELDSubmissionServiceClient.IELDSubmissionService.EndPing (System.IAsyncResult result) [0x00001] in C:\OnBoard\InstallTool\InstallTool\ELDSubmissionService.cs:689 
  at ELDSubmissionServiceClient.OnEndPing (System.IAsyncResult result) [0x00001] in C:\OnBoard\InstallTool\InstallTool\ELDSubmissionService.cs:700 
  at System.ServiceModel.ClientBase`1+<>c__DisplayClass39_0[TChannel].<InvokeAsync>b__0 (System.IAsyncResult ar) [0x00006] in <475dec2c1fe44b95bbfbd21b550b63f8>:0 }
    base: {System.InvalidOperationException}
    Response: (null)
    Status: System.Net.WebExceptionStatus.ReceiveFailure

The server involved is IIS 10.

I believe this may be a known problem, but I cannot find any work around.
Comment 1 Roberto Mujica 2017-11-27 22:36:42 UTC

Is there any workaround for this?
Comment 2 Martin Baulig 2017-11-27 22:48:08 UTC
We currently do not support client certificates.
Comment 3 jmparks 2017-11-28 13:02:10 UTC
What is the time line for a proper implementation that does support client certificates?
The lack of support in this area is a real problem and means that
Xamarin.Android is far less useful than it should be.