See Also: SslServerStream Members
C# Example
using System; using System.IO; using System.Net; using System.Net.Sockets; using System.Text; using Mono.Security.Authenticode; using Mono.Security.Protocol.Tls; using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; namespace SslHttpServer { class SslHttpServer { private static X509Certificate _certificate; private static string certfile; private static string keyfile; static void Main (string [] args) { certfile = (args.Length > 0) ? args [0] : "ssl.cer"; keyfile = (args.Length > 0) ? args [0] : "ssl.pvk"; Socket listenSocket = new Socket (AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp); IPEndPoint localEndPoint = new IPEndPoint (IPAddress.Any, 1888); Socket requestSocket; listenSocket.Bind (localEndPoint); listenSocket.Listen (10); while (true) { try { requestSocket = listenSocket.Accept (); using (NetworkStream ns = new NetworkStream (requestSocket, FileAccess.ReadWrite, true)) { using (SslServerStream s = new SslServerStream (ns, Certificate, false, false)) { s.PrivateKeyCertSelectionDelegate += new PrivateKeySelectionCallback (GetPrivateKey); StreamReader reader = new StreamReader (s); StreamWriter writer = new StreamWriter (s, Encoding.ASCII); string line; string answer = "HTTP/1.0 200\r\n" + "Connection: close\r\n" + "Content-Type: text/html\r\n" + "Content-Encoding: " + Encoding.ASCII.WebName + "\r\n" + "\r\n" + "<html><body><h1>Hello World!</h1></body></html>\r\n"; // Read request header do { line = reader.ReadLine (); if (line != null) Console.WriteLine (line); } while (line != null && line.Length > 0); // Send response writer.Write (answer); writer.Flush (); s.Flush (); ns.Flush (); } } } catch (Exception ex) { Console.WriteLine ("---------------------------------------------------------"); Console.WriteLine (ex.ToString ()); } } } private static X509Certificate Certificate { get { if (_certificate == null) _certificate = X509Certificate.CreateFromCertFile (certfile); return _certificate; } } // note: makecert creates the private key in the PVK format private static AsymmetricAlgorithm GetPrivateKey (X509Certificate certificate, string targetHost) { PrivateKey key = PrivateKey.CreateFromFile (keyfile); return key.RSA; } } }
You can create a X.509 test certificate and it's private key with the following command:
Example
makecert -n "CN=localhost" -r -sv ssl.pvk ssl.cer
Note: Thanks to Jörg Rosenkranz for the original code sample.