
@vegaasen
Last active August 29, 2015 14:07
http-ssl-request with sslv3 and tlsv1
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Net;
using System.IO;
using System.Security.Authentication;
using System.Net.Sockets;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.Globalization;
/**
* simple sample thingie.
* SSLv3 is no longer supported on www.telenor.no, so TLSv1 has to be used.
* This can be applied to www.telenorforhandler.no as well; however, no certificate is present in this test, that's why we use www.telenor.no as an example :-).
*/
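namespace ConsoleApplication1 {
    /**
    * Console sample with two paths:
    *  - connectSecurely(): issues the same HTTPS GET twice, first with SSLv3 and then with
    *    TLSv1 selected on ServicePointManager, and logs whether each attempt connected.
    *  - connectWithCertificate(): opens a raw TCP connection, wraps it in an SslStream and
    *    performs a client-authenticated handshake with the configured certificate.
    * All diagnostics go to System.Diagnostics.Debug, so they only appear in debug builds.
    */
    class Program {
        // Placeholder value. A real key-store password should come from protected
        // configuration or a secret store, never from a source file.
        private static String KEY_PASSWORD = "?!?!?!?!!!!";
        // Client certificate presented during the handshake; stays null if loading failed.
        private static X509Certificate certificate;
        private static String WHERE = "https://www.telenor.no/privat/";

        static void Main(string[] args) {
            //connectSecurely();
            configureCertificate();
            connectWithCertificate();
        }

        /**
        * Connect securely and select a suitable certificate (pkcs12 for instance..)
        */
        public static void connectWithCertificate() {
            connectToSomeHost("otl.telenorforhandler.no", 443);
        }

        /**
        * Loads the client certificate from disk into the static field.
        * A load failure is logged and leaves the field null; connectToSomeHost then
        * performs the handshake without offering a client certificate.
        */
        private static void configureCertificate() {
            try {
                certificate = new X509Certificate(@"?!?\????.????", KEY_PASSWORD);
            } catch (Exception e) {
                certificate = null;
                System.Diagnostics.Debug.WriteLine("Ops, password is most likely wrong. You suck" + e.Message);
            }
        }

        /**
        * Just connect securely.
        * The SSLv3 attempt is deliberate: it demonstrates that the server refuses the
        * deprecated protocol. ServicePointManager.SecurityProtocol is process-wide, so the
        * value set last (TLSv1) stays in effect for every later WebRequest in this process.
        */
        public static void connectSecurely() {
            System.Diagnostics.Debug.WriteLine("Connecting to " + WHERE);
            System.Diagnostics.Debug.WriteLine("#####Connecting with SSLv3 - should fail#####");
            configureDefaultSecurityStuff(SecurityProtocolType.Ssl3);
            System.Diagnostics.Debug.WriteLine(sendRequest(WHERE));
            System.Diagnostics.Debug.WriteLine("#####Connecting with TLSv1 - working fine#####");
            configureDefaultSecurityStuff(SecurityProtocolType.Tls);
            System.Diagnostics.Debug.WriteLine(sendRequest(WHERE));
        }

        /**
        * Sends a GET request to the given URL and reports whether a response arrived.
        * Returns a human-readable status line; connection errors are turned into the
        * "Unable to connect" message instead of being thrown.
        */
        public static String sendRequest(string where) {
            WebRequest request = WebRequest.Create(where);
            request.Method = "GET";
            try {
                // Dispose the response so the underlying connection is released; the
                // original left both the response and its stream open.
                using (WebResponse response = request.GetResponse()) {
                    return "All good - connected :-)..";
                }
            } catch (Exception Ex) {
                return "Unable to connect. Reason: " + Ex.Message;
            }
        }

        /**
        * Selects the protocol version used by WebRequest for the whole process.
        */
        public static void configureDefaultSecurityStuff(SecurityProtocolType type) {
            System.Diagnostics.Debug.WriteLine("Configuring defaults.");
            ServicePointManager.SecurityProtocol = type;
            ServicePointManager.Expect100Continue = true;
        }

        /**
        * Server certificate validation callback for SslStream.
        * Returns true only when the platform reported no policy errors. The original
        * accepted any non-null certificate regardless of the reported errors, which
        * turned off name and chain validation and left the connection open to
        * interception; errors are now logged and the handshake is rejected.
        */
        public static bool validateCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors errors) {
            if (errors == SslPolicyErrors.None) {
                return true;
            }
            if (certificate != null) {
                // Identify the rejected certificate to make the failure diagnosable.
                System.Diagnostics.Debug.WriteLine(string.Format("certificatename : {0}, SerialNumber: {1}", certificate.Subject, certificate.GetSerialNumberString()));
            }
            System.Diagnostics.Debug.WriteLine(String.Format("Certificate error: {0}", errors));
            return false;
        }

        /**
        * Opens a TCP connection to host:port and performs a TLS client handshake,
        * offering the configured client certificate when one was loaded.
        * Handshake failures are logged, not thrown; a failure to open the TCP
        * connection itself still propagates to the caller.
        */
        public static void connectToSomeHost(string host, int port) {
            System.Diagnostics.Debug.WriteLine(String.Format("Will try to connect to {0} on port {1}", host, port));
            using (TcpClient client = new TcpClient(host, port))
            using (var stream = new SslStream(client.GetStream(), false, validateCertificate, null)) {
                try {
                    X509CertificateCollection certsCollection = new X509CertificateCollection();
                    if (certificate != null) {
                        // Adding a null entry throws, so only offer a certificate that loaded.
                        certsCollection.Add(certificate);
                    }
                    // The original hard-coded SslProtocols.Ssl3, a deprecated protocol that
                    // the header comment of this file says the server no longer accepts.
                    // NOTE(review): revocation checking is still off (last argument);
                    // enable it where the CRL/OCSP endpoints are reachable.
                    stream.AuthenticateAsClient(host, certsCollection, SslProtocols.Tls12, false);
                    System.Diagnostics.Debug.WriteLine(stream.IsAuthenticated ? "Client authenticated and all is good! :-D" : "Client is not authenticated :-S");
                } catch (AuthenticationException ae) {
                    System.Diagnostics.Debug.WriteLine("Failed to authenticate - something did not go quite as expected! closing the client..." + ae.Message);
                } catch (Exception ex) {
                    System.Diagnostics.Debug.WriteLine(string.Format("General exception occured {0}", ex.Message));
                }
            }
        }
    }
}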
@vegaasen

Connecting to https://www.telenor.no/privat/

Connecting with SSLv3 - should fail

Configuring defaults.
A first chance exception of type 'System.Net.WebException' occurred in System.dll
Unable to connect. Reason: The underlying connection was closed: An unexpected error occurred on a send.

Connecting with TLSv1 - working fine

Configuring defaults.
All good - connected :-)..
