Identity verification

As you may recall, the first step of the TLS protocol is to establish the identity of the server. In that step, the client simply initiates a secure connection by sending a request to a secure endpoint (an endpoint leveraging HTTPS) and the server responds with an X.509 certificate. To that end, we've created a simple GET method named initiate-connection, which returns a certificate, which here is just a string:

[HttpGet("initiate-connection")]public ActionResult<string> GetCertificate() {    return "SSL_CERTIFICATE";}

As you may recall, the responsibility for interacting with a trusted CA falls on the client. So, at this point, we merely wait for them to confirm that we are who we say we are. Once they notify us that the ...

Get Hands-On Network Programming with C# and .NET Core now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.