Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is SSL supported? #31

Open
kchinnam opened this issue Feb 11, 2016 · 11 comments
Open

Is SSL supported? #31

kchinnam opened this issue Feb 11, 2016 · 11 comments
Labels
feature
Milestone
vFuture

Comments

@kchinnam
Copy link

Hi,
I'm guessing no but just wanted to check, is there an option to run the web server as as HTTPS server? I was going to use this project to implement an API server that would involve authentication.

If not, any pointers on implementing HTTPS support myself?
@Jark
Copy link
Collaborator

Jark commented Feb 12, 2016

Hey Kchinnam,

Currently ssl is not supported and it will be hard to implement because Windows Universal (for now) does not have server-side ssl support.

The underlying StreamSocketListener does not support upgrading the StreamSocket to SSL, see:
https://msdn.microsoft.com/en-us/library/windows/apps/windows.networking.sockets.streamsocket.upgradetosslasync.aspx

The only way that I could see of doing it, is to use some kind of library to implement ssl on top of the StreamSocketListener stream.

@tomkuijsten
Copy link
Owner

Hi all,

It's something that I need as well. I'm not that familiar with https, but as the msdn article (as linked by @Jark) stated:

The UpgradeToSslAsync method only implements the client parts of the SSL protocol negotiation...

If anyone has another idea to implement this, let me know!

@ManniAT
Copy link

ManniAT commented Feb 16, 2016

Hi Tom,

I understand that only Client implements "upgrade" - this is used for the case that a server forces (wants) SSL.
On the server side there is no need to "upgrade" - you just provide (redirect from 80 to 443).
On the server you "just create a SSL stream" - unfortunately I have no experiences implementing this.
I only now that is "not so easy" since you must provide (check) X509 certificate handle security and so forth...
I even don't know if this is available in UWA

Maybe this link helps a bit
https://msdn.microsoft.com/en-us/library/system.net.security.sslstream.aspx

Just my two cents - and I really love your server

@Jark
Copy link
Collaborator

Jark commented Feb 17, 2016

Hi ManniAt,

I used that documentation link to provide some proof that it couldn't be done, if it could be done there would be a link to what you can use to accomplish it. I did read many more articles / forum posts before posting that and there really seems to be no Windows Universal alternative.

We can't use System.Net.Security.SslStream because it is not implemented in Windows Universal, the server-side ssl support is simply not there. If you were really keen to get it working I would look either into including this + supporting classes into the project somehow: https://github.com/dotnet/corefx/blob/master/src/System.Net.Security/src/System/Net/SecureProtocols/SslStream.cs, or use https://github.com/openssl/openssl to implement ssl. Both solutions are quite involved and hard to get right (read: secure) without having detailed knowledge of how the ssl protocol works. I think for now our best hope is to wait on Microsoft to implement this for us.

@tomkuijsten
Copy link
Owner

Would there be any (standard) alternative for SSL, at least to provide some basic security? And I don't mean "basic authentication" which isn't secure unless you use SSL.

@HakanL
Copy link

HakanL commented Mar 17, 2016

If you're in control of both client and server then you could encrypt the payload and pass it via the supported http protocol.

@tomkuijsten tomkuijsten added this to the vFuture milestone May 26, 2016
@suresh-dev
Copy link

Hello Everyone,

I am trying to create SSL Server in UWP, and i want to implement SSL handshake manually. I am able to create http server not https.

if there is any possible ways
is this possible?
if it is possible can direct me?

thanks.

@Jark
Copy link
Collaborator

Jark commented Jul 27, 2016

Hi @sureshdev,

Please have a look at my previous reply on this thread. It contains some pointers of now to do this.

Cheers,

Jark

@ummarbhutta
Copy link

Is there any hope we can get SSL working now on Windows IoT? The latest chrome is now marking pages as insecure with password fields.

@tomkuijsten
Copy link
Owner

Fot restup there isn't much hope, but there are some signs for ASP.NET core on Win10IoT, check this post

@ummarbhutta
Copy link

There are some paid libraries which provides SSL server socket on UWP. See this, I am not sure how it is implemented in there if StreamSocketListener doesn't support server side part of SSL, Probably they have implemented it on top of StreamSocket to provide SSL functionality as @Jark described

The only way that I could see of doing it, is to use some kind of library to implement ssl on top of the StreamSocketListener stream.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
vFuture
Development

No branches or pull requests
7 participants
@HakanL @Jark @ManniAT @kchinnam @tomkuijsten @ummarbhutta @suresh-dev