0

I'm trying to write a secure websocket (WSS) server in C#. I started out with unsecure sockets using TcpClient objects, but assumed I need to use SslStream for the secure version. I know I need to use AuthenticateAsServer() to add a certificate and it's been pretty simple to do with a dummy cert file.

However, the web app I'm working on uses HTTPS certificates from AWS, and ideally, I'd like to use that for the server, too, but I can't figure out how to get the certificates from AWS to be used by the SslStream (or even initialized as an X509Certificate object).

Is it even possible to use AWS certs in this manner? If so, how?

Roxerg
    Jim's answer is correct. However, you can use Let's Encrypt in manual mode (certbot) and create your own certificate. I do this all the time when I am not using an AWS service and certificate. Look for my answer here: https://stackoverflow.com/questions/50766990/how-to-properly-set-up-https-for-onlyoffice/50779055 – John Hanley Jun 11 '18 at 01:09

1 Answer

1

No, I don't believe it's possible because the free certificates from AWS Certificate Manager are tightly controlled, it seems:

With AWS Certificate Manager, you can quickly request a certificate, deploy it on ACM-integrated AWS resources, such as Elastic Load Balancers, Amazon CloudFront distributions, and APIs on API Gateway, and let AWS Certificate Manager handle certificate renewals

As I understand it AWS can create certificates and manage them for you, but only when they are plugged into bolt-on services (external services such as load balancers, gateways etc) that they run. You can't use them in your own code.

Jim W
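An added example, not code from the question or the answer: the route John Hanley's comment suggests, a certbot-issued certificate loaded into `SslStream` for the WSS listener. It assumes .NET 5 or later; the certbot paths, the domain `example.com` and port 8443 are placeholders.

```csharp
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;

// Assumed paths: certbot output for the placeholder domain example.com.
const string ChainPem = "/etc/letsencrypt/live/example.com/fullchain.pem";
const string KeyPem = "/etc/letsencrypt/live/example.com/privkey.pem";

using var pem = X509Certificate2.CreateFromPemFile(ChainPem, KeyPem); // leaf + private key
// Windows: SslStream cannot use a PEM-loaded ephemeral key; a PKCS#12 round trip fixes that.
var leaf = new X509Certificate2(pem.Export(X509ContentType.Pkcs12));
var chain = new X509Certificate2Collection();
chain.ImportFromPemFile(ChainPem); // intermediates to send along with the leaf
var context = SslStreamCertificateContext.Create(leaf, chain);

var listener = new TcpListener(IPAddress.Any, 8443); // assumed port
listener.Start();
while (true)
    _ = HandleAsync(await listener.AcceptTcpClientAsync(), context);

static async Task HandleAsync(TcpClient client, SslStreamCertificateContext context)
{
    using (client)
    using (var tls = new SslStream(client.GetStream(), leaveInnerStreamOpen: false))
    {
        try
        {
            await tls.AuthenticateAsServerAsync(new SslServerAuthenticationOptions
            {
                ServerCertificateContext = context,
                EnabledSslProtocols = SslProtocols.Tls12 | SslProtocols.Tls13,
            });
            // From here `tls` replaces the plain NetworkStream: the WebSocket
            // upgrade request is read from it, already decrypted.
            using var reader = new StreamReader(tls);
            Console.WriteLine($"{tls.SslProtocol}: {await reader.ReadLineAsync()}");
        }
        catch (Exception e) when (e is AuthenticationException || e is IOException)
        {
            Console.WriteLine($"TLS handshake failed: {e.Message}");
        }
    }
}
```

The process needs read access to `privkey.pem`, and the certificate has to be reloaded after each certbot renewal because the context is built once at startup.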