Question on SSLContext usage #274

Open
AllonisDave opened this issue Nov 16, 2023 · 0 comments

I have a need to connect to a Lutron RA3 hub. This requires an SSL connection using a hub-generated device cert file and private key along with an intermediate CA cert file. These all have to be chained together to make the connection.

I have created a new SSL class based on the SSLChat client example. I cannot figure out the proper way to build the SSLContext when creating the client.

The problem is that when I issue the connect() I get the connect event but then it is immediately followed by an error event and a disconnect event.

The reported error is - disconnected.

I suspect I am not packaging the certificates correctly. If anyone has done something similar to this, any insights you can provide will be greatly appreciated.

This is what I have tried. The paths to the files are valid and I do end up with 2 certificates in the collection.

```csharp
// Verbatim strings (@"...") keep the backslashes in the Windows paths literal.
string deviceCertFilePath = ServerPath + @"\data\lutron\192.168.0.140.crt";
string deviceKeyFilePath = ServerPath + @"\data\lutron\192.168.0.140.key";
string intermediateCertFilePath = ServerPath + @"\data\lutron\192.168.0.140-bridge.crt";

X509Certificate2Collection certificates = new();

// Device certificate with its private key, followed by the intermediate CA certificate.
var certificate = X509Certificate2.CreateFromPemFile(deviceCertFilePath, deviceKeyFilePath);
certificates.Add(certificate);
certificates.Add(new X509Certificate2(File.ReadAllBytes(intermediateCertFilePath)));

var context = new SslContext(SslProtocols.Tls12, certificates, ValidateServerCertificate) {
    ClientCertificateRequired = true
};

controller.wrkClient = new NetSslClient(context, deviceHost, devicePort);

controller.wrkClient.NetConnected += (sender, e) => {
    NetSslClient rTCP = (NetSslClient)sender;
    LogDebug("Pair", "Device has connected.");
};
controller.wrkClient.NetDisconnected += (sender, e) => {
    NetSslClient rTCP = (NetSslClient)sender;
    LogDebug("Pair", "Device has disconnected.");
};
controller.wrkClient.NetError += (sender, error) => {
    LogDebug("Pair", "Error " + error.ToString());
};
controller.wrkClient.NetHandshake += (sender, e) => {
    LogDebug("Pair", "Handshake");
};

controller.wrkClient.DataReceived += (sender, msg) => {
    NetSslClient rTCP = (NetSslClient)sender;
    LogDebug("Pair RX", msg);
};
controller.wrkClient.Connect();
```

...

and my NetSslClient is as follows (essentially the SSLChatClient)

```csharp
public class NetSslClient : SslClient {
    // Event payload types match the values passed to Invoke below.
    public event EventHandler<bool> NetConnected;
    public event EventHandler<bool> NetDisconnected;
    public event EventHandler<bool> NetHandshake;
    public event EventHandler<SocketError> NetError;
    public event EventHandler<string> DataReceived;

    public NetSslClient(SslContext context, string address, int port) : base(context, address, port) { }
    private bool _stop;
    public string tag { get; set; }
    public byte Delimiter { get; set; }

    public void DisconnectAndStop() {
        _stop = true;
        DisconnectAsync();
        while (IsConnected)
            Thread.Yield();
    }

    // Raised once the TCP connection is up, before the TLS handshake completes.
    protected override void OnConnected() {
        NetConnected?.Invoke(this, true);
    }

    protected override void OnDisconnected() {
        NetDisconnected?.Invoke(this, true);
        // _stop is forced to true here, so the reconnect branch below never runs.
        _stop = true;
        if (!_stop) {
            Thread.Sleep(1000);
            ConnectAsync();
        }
    }

    // Raised only after the TLS handshake has succeeded.
    protected override void OnHandshaked() {
        NetHandshake?.Invoke(this, true);
    }

    protected override void OnReceived(byte[] buffer, long offset, long size) {
        Console.WriteLine(Encoding.UTF8.GetString(buffer, (int)offset, (int)size));
        if (DataReceived != null) {
            string msg = Encoding.UTF8.GetString(buffer, (int)offset, (int)size);
            DataReceived(this, msg);
        }
    }

    protected override void OnError(SocketError error) {
        NetError?.Invoke(this, error);
    }
}
```
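
A pre-connection check for the certificate material described in this issue, as an added example that is not code from the issue or from the project: it confirms the device certificate carries its private key and links to the supplied intermediate before the collection is passed to `SslContext`. The names `ClientCertCheck` and `LoadAndVerify` are hypothetical, and the code assumes .NET 5 or later.

```csharp
using System;
using System.IO;
using System.Linq;
using System.Security.Cryptography.X509Certificates;

static class ClientCertCheck   // hypothetical helper, not part of the project
{
    // Loads the PEM pair, checks it is usable as a TLS client identity,
    // and returns the collection in leaf-then-intermediate order.
    public static X509Certificate2Collection LoadAndVerify(
        string certPath, string keyPath, string intermediatePath)
    {
        using var pemCert = X509Certificate2.CreateFromPemFile(certPath, keyPath);
        if (!pemCert.HasPrivateKey)
            throw new InvalidOperationException("Device certificate has no private key attached.");

        // On Windows, SChannel cannot use the ephemeral key that CreateFromPemFile
        // produces; round-tripping through PKCS#12 gives SslStream a usable key.
        var device = new X509Certificate2(pemCert.Export(X509ContentType.Pkcs12));
        var intermediate = new X509Certificate2(File.ReadAllBytes(intermediatePath));

        using var chain = new X509Chain();
        chain.ChainPolicy.ExtraStore.Add(intermediate);
        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
        // The hub's CA is private, so an unknown root is expected in this check.
        chain.ChainPolicy.VerificationFlags =
            X509VerificationFlags.AllowUnknownCertificateAuthority;

        bool built = chain.Build(device);
        Console.WriteLine($"chain built: {built}");
        foreach (var status in chain.ChainStatus)
            Console.WriteLine($"chain status: {status.Status} {status.StatusInformation}");

        // The device certificate must have been issued by the supplied intermediate.
        bool linked = chain.ChainElements.Cast<X509ChainElement>()
            .Any(e => e.Certificate.Thumbprint == intermediate.Thumbprint);
        if (!linked)
            throw new InvalidOperationException(
                "Device certificate does not chain to the supplied intermediate.");

        return new X509Certificate2Collection { device, intermediate };
    }
}
```

The chain statuses printed here (expired, wrong issuer, and so on) separate a certificate-packaging problem from a handshake rejected by the hub for other reasons.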
