[Bug] SSLAuthentication error when using TcpClient with TLS1.2 -> Mono.Security.Interface.TlsException
I am using TcpClient with TLS1.2 and occasionally when trying to write or authenticate the stream I get the following SSLAuthentication error:
Mono.Security.Interface.TlsException: Unknown Secure Transport error `ClosedGraceful'. at Mono.AppleTls.AppleTlsContext.CheckStatusAndThrow (Mono.AppleTls.SslStatus status, Mono.AppleTls.SslStatus acceptable) [0x000c1] in /Users/builder/jenkins/workspace/xamarin-macios/xamarin-macios/external/mono/mcs/class/System/Mono.AppleTls/AppleTlsContext.cs:123
I don't get the exception every time; it seems to happen randomly, especially on iOS 13, and I can get it when trying to: 1) authenticate the client 2) write to an already authenticated stream (where IsAuthenticated returned true earlier!)
It says on Stack Overflow that the issue can be resolved by switching from the Apple to the Mono TLS implementation, but I can't, as Mono seems to use an older version of TLS that is not PCI compliant, as suggested here: https://stackoverflow.com/questions/38528616/tls-exception-unknown-secure-transport-error-closed-graceful
Any help would be appreciated.
Steps to Reproduce
- Implement TcpClient SSL stream:

    TcpClient tcpClient = new TcpClient();
    tcpClient.ConnectAsync(host, port);
    SslStream sslStream = new SslStream(tcpClient.GetStream());

- Authenticate using TLS1.2 (for PCI compliance):

    SslProtocols sslProtocols = (SslProtocols)Enum.Parse(typeof(SslProtocols), "Tls12");
    sslStream.AuthenticateAsClient(this.Host, null, sslProtocols, true);

- Create loop to read from stream on new 'read' thread
- Close TcpClient connections and reopen (repeat multiple times)
I get no SSL Authentication errors, or if I do, that I get them every time.
When Authenticating and writing to SSL stream I intermittently get SSL Authentication errors.
- Version with issue: v22.214.171.1249249
- Last known good version: unknown
- IDE: Visual Studio 2017 Windows & Mac
- iOS: All - iOS 10>
- Android: All - Android 6>
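
A loopback baseline for the reproduction steps above, as an added example that is not the reporter's code: it runs the same connect, TLS 1.2 authenticate, write, read and close cycle against an in-process server and checks the negotiated protocol on every connection, so the client logic can be exercised apart from the Apple TLS provider. Assumptions: a .NET 6 or later console program; `ConnectOnceAsync`, the throwaway self-signed certificate and the thumbprint pin are constructed for the example, and revocation checking is off only because that certificate has no revocation endpoint.

```csharp
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;

// Constructed fixture: throwaway self-signed certificate for an in-process TLS 1.2 server.
using var key = RSA.Create(2048);
var req = new CertificateRequest("CN=localhost", key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
using var tmp = req.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(1));
using var cert = new X509Certificate2(tmp.Export(X509ContentType.Pfx)); // PFX round trip keeps the key usable on Windows
var listener = new TcpListener(IPAddress.Loopback, 0);
listener.Start();
int serverPort = ((IPEndPoint)listener.LocalEndpoint).Port;
_ = Task.Run(async () =>
{
    while (true)
    {
        using var c = await listener.AcceptTcpClientAsync();
        using var s = new SslStream(c.GetStream());
        try
        {
            await s.AuthenticateAsServerAsync(cert, false, SslProtocols.Tls12, false);
            if (await s.ReadAsync(new byte[1], 0, 1) == 1) await s.WriteAsync(new byte[] { 0x2a }, 0, 1);
        }
        catch (Exception) { } // server-side failures show up in the client's result
    }
});
for (int i = 0; i < 20; i++) // close and reopen repeatedly, as in the steps above
    Console.WriteLine($"{i}: {await ConnectOnceAsync("localhost", serverPort, cert.GetCertHashString())}");
static async Task<string> ConnectOnceAsync(string host, int port, string pin) // hypothetical helper
{
    using var tcp = new TcpClient();
    try
    {
        await tcp.ConnectAsync(host, port); // wait for the connection before GetStream()
        using var ssl = new SslStream(tcp.GetStream(), false,
            (sender, peer, chain, errors) => peer != null && peer.GetCertHashString() == pin);
        await ssl.AuthenticateAsClientAsync(host, null, SslProtocols.Tls12, false);
        if (ssl.SslProtocol != SslProtocols.Tls12) return "unexpected protocol " + ssl.SslProtocol;
        await ssl.WriteAsync(new byte[] { 0x2a }, 0, 1);
        int n = await ssl.ReadAsync(new byte[1], 0, 1);
        return n == 0 ? "peer closed the stream" : "ok, " + ssl.SslProtocol;
    }
    catch (Exception e) when (e is AuthenticationException or IOException) { return e.GetType().Name + ": " + e.Message; }
}
```

Each iteration prints either `ok, Tls12` or the exception type and message, which separates handshake failures from a stream the peer closed after authentication.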