Certificate Validation Error Using Rebex HTTPS on Xamarin.Android with .NET Standard 2.0

0 votes
asked Apr 27 by mobile653 (730 points)

We are using Rebex HTTPS R5.0 in a Xamarin for Android project, build using Visual Studio 2019 version 16.9.4, for devices running Android 10.

According to you platform support chart, we added the binaries from the netstandard2.0 folder to the project, same for the binaries of the Simple elliptic curve libraries.

Contacting the domain cdn.reservix.com with TLS 1.3, we get an error validating the certificate with the following ValidationStatus:

IncompleteChain | OfflineRev | UnknownRev

Behind that there is an error in the Handle of the CertificateChain of the SslCertificateValidationEventArgs in the ValidatingCertificate event handler:

Unable to cast object of type "Mono.Debugger.Soft.PointerValue" to type "Mono.Debugger.Soft.PrimitiveValue".

Updating to the .NET Standard 2.1 version did not change anything.

What can we do here?

1 Answer

0 votes
answered Apr 27 by Lukas Pokorny (121,830 points)
selected Apr 27 by mobile653
 
Best answer

By default, Rebex components on Xamarin.Android use .NET's X509Chain class to validate certificates, which currently uses its own certificate stores, which usually does not work properly.

Please add reference to Rebex.Common.Native.dll and enable NativeCertificteEngine, as described in the following KB article:
HOWTO: HOWTO: Validating X.509 certificates on Xamarin.Android and Xamarin.iOS

commented Apr 27 by mobile653 (730 points)
Thank you, that works!
...