Bug 31702 - Expiration Date Validation Check fails for HttpWebRequest over ssl connection
Summary: Expiration Date Validation Check fails for HttpWebRequest over ssl connection
Status: NEW
Alias: None
Product: Class Libraries
Classification: Mono
Component: System (show other bugs)
Version: 3.12.0
Hardware: Other Linux
: --- normal
Target Milestone: Untriaged
Assignee: Bugzilla
URL:
Depends on:
Blocks:
 
Reported: 2015-07-07 10:29 UTC by brust
Modified: 2015-07-09 14:53 UTC (History)
2 users (show)

Tags:
Is this bug a regression?: ---
Last known good build:

Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.


Please create a new report for Bug 31702 on GitHub or Developer Community if you have new information to add and do not yet see a matching new report.

If the latest results still closely match this report, you can use the original description:

  • Export the original title and description: GitHub Markdown or Developer Community HTML
  • Copy the title and description into the new report. Adjust them to be up-to-date if needed.
  • Add your new information.

In special cases on GitHub you might also want the comments: GitHub Markdown with public comments

Related Links:
Status:
NEW

Description brust 2015-07-07 10:29:12 UTC
The Expiration Date Validation Check fails for a HttpWebRequest over an SSL connection. We set the system date of our client to a date before and after the validity period of our server certificate, but no exception has been thrown by the WebRequest class. The same code compiled with .Net compiler on a windows system throws an exception. We don#t use any own implemented poloicies or validation callback methods. We use the mozroots.exe sync tool for all Mozilla’s root certificates.

try
{
byte[] rawData = Crypto.Encrypt(data);
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
request.Method = "POST";
request.Timeout = timeout;
request.ContentType = "application/octet-stream";
request.ContentLength = rawData.Length;
Stream stream = request.GetRequestStream();
stream.Write(rawData, 0, rawData.Length);
stream.Close();

WebResponse response = request.GetResponse();
byte[] receiveRawData = Crypto.ReadFully(response.GetResponseStream());
byte[] receiveData = receiveRawData;
decr = Crypto.Decrypt(receiveData);
catch (Exception ex)
{
     ;
}
return decr;