Notice (2018-05-24): bugzilla.xamarin.com is now in
Please join us on
Visual Studio Developer Community and in the
Mono organizations on
GitHub to continue tracking issues. Bugzilla will remain
available for reference in read-only mode. We will continue to work
on open Bugzilla bugs, copy them to the new locations
as needed for follow-up, and add the new items under Related
Our sincere thanks to everyone who has contributed on this bug
tracker over the years. Thanks also for your understanding as we
make these adjustments and improvements for the future.
Please create a new report on
GitHub or Developer Community with
your current version information, steps to reproduce, and relevant error
messages or log files if you are hitting an issue that looks similar to
this resolved bug and you do not yet see a matching new report.
-Ran mozroots --import --sync, certmgr -ssl url
OS: Ubuntu 14.04 LTS
Nginx 1.7.4 (sha256RSA 2048 bits)
Postfix mail_version = 2.11 (sha256RSA 2048 bits)
C# code to send mail executes (EnableSSL = true;), it throws the following exception
System.Net.Mail.SmtpException: Message could not be sent. ---> System.IO.IOException: The authentication or decryption has failed. ---> System.ArgumentException: certificate ---> System.Security.Cryptography.CryptographicException: Unsupported hash algorithm: 1.2.840.1135126.96.36.199
at Mono.Security.X509.X509Certificate.VerifySignature (System.Security.Cryptography.RSA rsa) [0x00000] in <filename unknown>:0
at Mono.Security.X509.X509Certificate.VerifySignature (System.Security.Cryptography.AsymmetricAlgorithm aa) [0x00000] in <filename unknown>:0
at System.Security.Cryptography.X509Certificates.X509Chain.IsSignedWith (System.Security.Cryptography.X509Certificates.X509Certificate2 signed, System.Security.Cryptography.AsymmetricAlgorithm pubkey) [0x00000] in <filename unknown>:0
at System.Security.Cryptography.X509Certificates.X509Chain.Process (Int32 n) [0x00000] in <filename unknown>:0
at System.Security.Cryptography.X509Certificates.X509Chain.ValidateChain (X509ChainStatus
Problem was mentioned in this thread but that was for Mono 2.10: https://bugzilla.xamarin.com/show_bug.cgi?id=8788
Posting here as the solution:
So I dropped my existing Mono.Security.dll (v188.8.131.52 .NET Framework v4.0) into dotNetPeek (free decompiler) and looked at the code.
Drilled down into code tree: Mono.Security => Mono.Security.X509 => X509Certificate => internal bool VerifySignature(RSA rsa)
The VerifySignature() method only has 4 possible signatures, algorithm: 1.2.840.1135184.108.40.206 not being one of them.
So I went and downloaded the Mono.Security.dll from the npgsql project on github (Npgsql is the .NET data provider for Postgresql): https://github.com/npgsql/npgsql/tree/master/lib/Mono.Security/4.0
Says its was released 3 months ago ~7/22/2014 with note (Update Mono.Security.dll assembly to Mono version 3.4.0)
Loaded new Mono.Security.dll into dotNetPeek and drilled down: Mono.Security => Mono.Security.X509 => X509Certificate => public virtual byte Signature.
Has 10 different signatures and the one I needed (1.2.840.1135220.127.116.11) was there.
Delete OLD reference in my project to Mono.Security.dll and emptied bin directory. Add New Reference => Browse => newly downloaded Mono.Security.dll from npgsql github => Clean => Rebuild => Deploy. Sending email works fine now.
Special thanks to the contributors of this project!