Not logged in. · Lost password · Register
Forum: MatriX RSS
Avatar
goodzhengcheng #1
Member since Mar 2013 · 8 posts
Group memberships: Members
Show profile · Link to this post
Subject: Some problem about root certificate
I use MatriX for RT to develop windows store app,but when I try to call xmppClient.Open(),An exception occured.It says "A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider".So I want to know what should I do to solve this problem.And the debug XML and event is as below.Thank you.


  1. Send: <stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" to="zhengcheng" version="1.0" >
  2. Recv: <stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="zhengcheng" id="87e28c2f" xml:lang="en" version="1.0" >
  3. Recv: <stream:features xmlns:stream="http://etherx.jabber.org/streams">
  4.  <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls" />
  5.  <mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">
  6.     <mechanism>DIGEST-MD5</mechanism>
  7.     <mechanism>PLAIN</mechanism>
  8.     <mechanism>ANONYMOUS</mechanism>
  9.     <mechanism>CRAM-MD5</mechanism>
  10.  </mechanisms>
  11.  <compression xmlns="http://jabber.org/features/compress">
  12.     <method>zlib</method>
  13.  </compression>
  14.  <auth xmlns="http://jabber.org/features/iq-auth" />
  15.  <register xmlns="http://jabber.org/features/iq-register" />
  16. </stream:features>
  17. Send: <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls" />
  18. Recv: <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls" />
  19. Send: </stream:stream>
  20. Send: <stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" to="zhengcheng" version="1.0" >

Event:
OnTls    =>transport channel is secure now
OnError
OnError
OnClose
OnError
This post was edited 2 times, last on 2013-03-22, 09:29 by Alex.
Avatar
Alex #2
Member since Feb 2003 · 4295 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
WinRT handles the certificates inside. Unlike the full .NET Framework there is no certificate validation callback where you can process certificate errors and also accept "invalid" certs.

All we can do is pass a custom TlsValidationHostname
see also: http://forum.ag-software.net/thread/1386-WinRT-Project-Help

So when you pass the correct TlsValidationHostname in the XmppClient and WinRT still complains about your certificate then you either have to install a proper certificate on your server or disable TLS security in MatriX (xmppClient.StartTls = false).

Alex
This post was edited on 2013-06-04, 15:48 by Alex.
Avatar
goodzhengcheng #3
Member since Mar 2013 · 8 posts
Group memberships: Members
Show profile · Link to this post
I get it .Thanks a lot.
Close Smaller – Larger + Reply to this post:
Verification code: VeriCode Please enter the word from the image into the text field below. (Type the letters only, lower case is okay.)
Smileys: :-) ;-) :-D :-p :blush: :cool: :rolleyes: :huh: :-/ <_< :-( :'( :#: :scared: 8-( :nuts: :-O
Special characters:
Forum: MatriX RSS