I have a .NET client and an OpenSSL server doing mutual authentication. SslStream.AuthenticateAsClient() throws the exception "A call to SSPI failed, see inner exception" and the inner exception says "The message received was unexpected or badly formatted".
An MSDN article says that this can happen if the server's trusted CA list (which is sent to the client during the SSL handshake) doesn't contain the CA that the client cert is using. I'm setting the trusted CA list in the OpenSSL server so that should be valid.
The client and server certs were both signed by the same CA which is valid. If I use a .NET server everything works fine. Is there any way to get specific information about what the client doesn't like? Thanks in advance.
View Complete Post