Skip to content

QUIC: Support hosting self-signed certificates #50156

Description

@JamesNK

QUIC should support the same certificates that SslStream+Kestrel does. For example, a server hosting a website using an untrusted, self-signed certificate.

The server certificate is specified using SslServerAuthenticationOptions

I believe today that QUIC will fail when using an untrusted certificate. In this situation, the error reported by QUIC is not helpful about what the problem is. I don't have it on hand, but it was something like "Error: invalid state".

  • Test System.Net.Quic server with invalid certificates
    • Self-signed
    • Outdated algorithms
    • Host name mismatch
  • Where possible, match SslStream behavior
  • If an unusable certificate is configured, provide a clear error with enough information to help the dev fix the problem

Metadata

Metadata

Assignees

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions