I'm attempting to get client and server applications (developed in C# and .NET) using secure web sockets to validate the certificates within the applications.
Is there a mechanism for a WebSocket (System.Net.Websockets.WebSocket in .NET) using a secure (wss) connection to perform custom validation on a client certificate? And similarly a client WebSocket to perform custom validation of the server certificate?
For example, with the .NET class SSLStream a RemoteCertificateValidationCallback can be passed to the constructor. I assume there is a similar mechanism for WebSockets but I can't seem to find any examples or documentation.
I had the same issue with the websocket client implementation and could not find any way to do that using System.Net.Websockets.WebSocket.
I solved it using a System.Net.Sockets.Socket to establish the connection and then implement the client-server handshake to upgrade the Socket connection to a websocket connection with the websocket server, and also implemented other methods to send messages and to continuously read for incoming data, simulating the WebSocket behavior (you can find how to do that in several code examples and open source websocket libraries, i.e. https://github.com/kerryjiang/WebSocket4Net ).
Related
I need a ClientWebSocket wrapper in order to connect and collect data from wss://stream.binance.com:9443. The received data should be broadcasted to the UI (realtime UI) through a web socket server.
The broadcast part can be achieved using SignalR .NET Server. It is documented on MSDN.
The client web socket part is what I can't imagine. I found a SignalR .NET Client that I can use to connect to wss://stream.binance.com:9443, however I don't think it is possible, because SignalR probably has its own transport protocol. Is it correct?
If the Signal .NET Client doesn't work in my case, could you please direct me to alternative solutions? I was looking at the following
https://github.com/Marfusios/websocket-client
https://github.com/skunklab/piraeus/tree/96fcbc854d0c8d2c2cd62e457f06ef638859b6eb/src/SkunkLab.Channels/WebSocket
https://gist.github.com/xamlmonkey/4737291
It's worth stating that the ClientWebSocket subscriptions to Binance will be created for multiple API keys (unknown amount of users - based on DB user records).
I have a local c# server running and listening on localhost and a browser connecting to a cloud service running a JavaScript HTML5 implementation of websockets. Standard ws://
This works great over HTTP:// and I can read the header and use it, but I need it to run in HTTPS:// I understand that I have to change to wss:// and this does connect to my server but the header is garbled/encrypted.
I have looked into SslStream but drawn a blank.
How do I handle this WebSocket Secure header in C#?
This question was answered in the comments:
If your app is behind a Proxy load balancer, it would normally manage the SSL for you (accessing your app without encryption).
If you need to manage SSL, complete the SSL handshake first (usually right after you accept the connection) and than parse protocol specific data (HTTP, Websockets, SMTP etc').
I am recently learning about web sockets in .Net and have just found SignalR which seems like too good to be true in terms of the abstraction of what connection to use and it seems like there are a few signalr clients in different languages which is awesome.
In my current project different resources are being exposed through a RESTful API, and from my understanding of websockets the client needs to upgrade to a web socket connection through a HTTP request/response. Does signalR handle all this handshaking going on?
If there is an initial request/response from a GET request to retrieve a certain resource but they opt to upgrade to a socket connection, does the server give them any sort of response besides the response saying it acknowledges to open up a web socket connection or is the handshake all that occurs before the information is live updated for that particular resource?
Do you think signalR is scalable as opposed to implementing this through a protocol like STOMP where there are a large number of client libraries?
You are making things too complicated. A typical example of using signalr is:
an html file using JavaScript to connect to a signalr Server when the page is loaded. we call this signalr client.
a signalr server written in c#. it can be a winform or console or service.
the signalr Server can call any dll, or webservices or webapi located in the same server, or even in different Server.
then, the client can call any function defined in the signalr server. the server can call any function defined in the client for a particular client or for groups of clients.
also, client x can call client y functions as well.
you can actually forget about Web sockets, signalr choose the most appropriate transport protocol for you. it will choose Web sockets if it is available in both the server and the client.
I am designing a system in a client server architecture - TCP based. There is a requirement that all the messages between the server & client should be encrypted. So I am thinking of using SslStream class in .NET Framework.
From SslStream MSDN, my understanding is that we need to use Client & server certificates to make a proper channel & communicate.
I don't want to use any certificate specific to particular machine(client) or server. I Just wanted to have a common key between the system.
Is there any possibility to use the SSL stream without certificates??
Whilst not required by the TLS spec, the use of the .NET SslStream implementation requires that the server has a certificate (and its associated private key). This allows any client to confirm that it is communicating with the server it expects to be. Optionally, clients can also be authenticated by having them provide a client certificate to the server. So, if you want to use SslStream, you're at a minimum going to have to create a certificate for the server, because that is how this particular implementation works.
If you don't wish to use certificates at all, then there are other options. E.g. if you are planning on using your application within a Windows domain, and both client/server are Windows based, you may be able to use NegotiateStream instead. This also supports encryption/authentication, but does not use certificates, and will additionally allow you to identify the user on the other side of the connection.
I'm trying to build an application that would use TCP sockets to communicate with a server.
When a proxy is detected in system settings, the application tries to connect through it through these steps:
Connect to proxy.
Issue CONNECT Host:Port HTTP/1.1<CR><LF>
Issue <CR><LF>
However it turns out that the proxy also needs to do NTLM authentication using the credentials of current user who's logged in.
.Net already implement this using:
Webproxy.crendentials = CredentialCache.GetDefaultCrendentials
But it only works with WebRequests types of sockets. And I am using regular sockets with Stream.Read and Stream.Write