“The credentials supplied to the package were not recognized” error when authenticating as server with certificate generated using BouncyCastle

Question

I\'m trying to create a certificate using the BouncyCastle.Crypto dll, which is then used to authenticate a SslStream as the server in a Windows Service process, which runs

Answer 1

I don't recall this error but the certificate you're creating is not a valid to be used for SSL/TLS, including:

• v1 (not v3) certificate;
• missing extensions;
• invalid CN;
• ...

There are several RFC that talks about this, including RFC5246 on TLS (1.2).

Finally making your own certificates is not more suitable than using the ones made by makecert (but the last one can generate the minimum set to be usable for an SSL/TLS server certificate).

I strongly suggest you to buy, from a good known Certificate Authority (CA), a SSL/TLS certificate for production. That will get you a working certificate recognized by the most browsers and tools.