This happens on the sslStream.AuthenticateAsServer(serverCertificate, true, SslProtocols.Default, true); call.
I'm trying to do client authentication. I control both client and server, both are C# via SslStream. When I use a Node.js server, it works perfectly. But I just can't get the server side to reliably work in C# for some reason. Clearly the SSL authentication needs to wait for the client to choose the client certificate, but apparently this is not a built-in feature of the C# SslStream class? I already tried doing this before the call, but it still immediately errors out on the call:
I don't mind the security question in IE. That's fine. I'm concerned with the fact that SslStream does not seem to work at all with such a basic scenario.
Error from WCF trace:
System.Net Error: 0 : [7928] Exception in AppDomain#13869071::UnhandledExceptionHandler - Authentication failed because the remote party has closed the transport stream..
   at System.Net.Security.SslState.ValidateCreateContext(Boolean isServer, String targetHost, SslProtocols enabledSslProtocols, X509Certificate serverCertificate, X509CertificateCollection clientCertificates, Boolean remoteCertRequired, Boolean checkCertRevocationStatus, Boolean checkCertName)
   at System.Net.Security.SslStream.AuthenticateAsServer(X509Certificate serverCertificate, Boolean clientCertificateRequired, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
Adding the below code helped me overcome the issue (I'm running the app in .NET 4.5.1).
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11;
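As an added example (not code from the question or the answer), this loopback program passes the protocol version explicitly to both AuthenticateAsServer and AuthenticateAsClient instead of SslProtocols.Default (which covers only SSL 3.0 and TLS 1.0), and requires a client certificate. It assumes .NET Framework 4.7.2+ or .NET Core for CertificateRequest; the self-signed certificates, the names localhost and demo-client, and the thumbprint-pinning policy are constructed for the demonstration.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;
static class MutualTlsDemo
{
    // Constructed throwaway certificate, re-imported from PFX so SslStream can use its private key.
    static X509Certificate2 MakeCert(string cn)
    {
        using (var rsa = RSA.Create(2048))
        {
            var req = new CertificateRequest("CN=" + cn, rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            using (var tmp = req.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(1)))
                return new X509Certificate2(tmp.Export(X509ContentType.Pfx));
        }
    }
    static void Main()
    {
        X509Certificate2 serverCert = MakeCert("localhost"), clientCert = MakeCert("demo-client");
        var listener = new TcpListener(IPAddress.Loopback, 0);
        listener.Start();
        int port = ((IPEndPoint)listener.LocalEndpoint).Port;
        var server = Task.Run(() =>
        {
            using (var tcp = listener.AcceptTcpClient())
            // Demo policy: accept only the one expected client certificate, pinned by thumbprint.
            using (var ssl = new SslStream(tcp.GetStream(), false, (s, cert, chain, errors) =>
                cert != null && cert.GetCertHashString() == clientCert.Thumbprint))
            {
                // clientCertificateRequired = true, protocol version named explicitly.
                ssl.AuthenticateAsServer(serverCert, true, SslProtocols.Tls12, false);
                Console.WriteLine("server: {0}, client = {1}", ssl.SslProtocol, ssl.RemoteCertificate.Subject);
            }
        });
        using (var tcp = new TcpClient("127.0.0.1", port))
        using (var ssl = new SslStream(tcp.GetStream(), false,
            (s, cert, chain, errors) => cert != null && cert.GetCertHashString() == serverCert.Thumbprint,
            (s, host, local, remote, issuers) => clientCert)) // always offer the client certificate
        {
            ssl.AuthenticateAsClient("localhost", new X509CertificateCollection { clientCert }, SslProtocols.Tls12, false);
            Console.WriteLine("client: {0}", ssl.SslProtocol);
        }
        server.Wait();
        listener.Stop();
    }
}
```

If the two sides are given protocol sets with no version in common, the handshake fails during AuthenticateAsServer or AuthenticateAsClient with an AuthenticationException or IOException, so logging the configured SslProtocols value on both ends is a quick first check.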