Why can't I access the constructor: X509Certificate2 (Byte[], String) on Web platform?
I'm trying to use a client certificate for an SSL connection, like this:
[...]
X509Certificate2Collection collection = new X509Certificate2Collection ();
collection.Add (new X509Certificate2 (pfxCertFile.bytes, "password"));
stream.AuthenticateAsClient ("server", collection, SslProtocols.Ssl3, false);
[...]
It works on the Android platform, but on WebPlayer I get this error:
The type `System.Security.Cryptography.X509Certificates.X509Certificate2' does not contain a constructor that takes `2' arguments
On the WebPlayer platform I have access to these constructors:
X509Certificate2:
X509Certificate2 (Byte[])
X509Certificate2 (String)
X509Certificate2 (X509Certificate)
X509Certificate:
X509Certificate (Byte[])
X509Certificate (X509Certificate)
X509Certificate ()
X509Certificate (SerializationInfo, StreamingContext)
I'm using a PFX file that contains the certificate and private key (self-signed). To access the file I need to specify a password.
My question is:
How can I pass the PFX file and password to the X509Certificate object on WebPlayer platform?
Is there another way to get the 'AuthenticateAsClient ()' with client cert working on WebPlayer platform?
Hi, I'm trying to connect to host via sockets. The connection is established without any problem when there is no client side certificate.
As I mentioned before, I'm trying to authenticate to the host with a self-signed certificate, and it works on the Android platform. But after switching to Web player, the same constructor used to pass the PFX cert file isn't available at compile time.
Answer by Bunny83 · Jul 01, 2014 at 02:08 PM
Well, that's most likely for security reasons. Since web requests are actually executed through the browser itself, it might be a security risk to allow creating a certificate with a private key.
Take a look at the MonoCompatibility page (it takes some time to fully load since it's huge, so be patient) and search for X509Certificate2. There you see which members are supported and which are not.
The Unitywebplayer already bypasses certain restrictions of the security sandbox of the browser since it's a plugin which contains native code. Sometimes it's not obvious why they removed certain members, but if they are only missing in the webplayer, you can be sure it's for security. Keep in mind that someone could inject a unitywebplayer into another site through cross-site-scripting.
Answer by Fragmental · Jul 01, 2014 at 11:49 AM
If your web player is trying to communicate with a web server, then that web server may need to host a socket server policy file. http://docs.unity3d.com/Manual/SecuritySandbox.html