
Use .NET HttpListener in Unity application to serve HTTPS not possible?

Discussion in 'Scripting' started by Tobs-, Jun 18, 2019.

  1. Tobs-

    Hi folks.
    I am currently working on a Unity application with a very basic REST API. My application should function as an HTTP server and respond to requests made via HTTPS. For this purpose I want to use the .NET HttpListener class. I am able to serve HTTP requests, but requests via HTTPS will not come through. Trying to access the endpoint (e.g. https://localhost:1988/) will result in an immediate connection aborted/refused error.

    I have created and installed an SSL certificate, like this:
    makecert -n CN=localhost -sr localmachine -ss My -sky exchange -pe

    ... bound the certificate to an IP port, like this:
    netsh http add sslcert ipport=0.0.0.0:1988 certhash=... appid=random_guid

    ... and added a mapping to allow the machine user/application to access this IP port, like this:
    netsh http add urlacl url=https://+:1988/MyUri user=DOMAIN\user

    I have built and run the Unity application on Windows 10.

    I have created a small demo .NET application (see attachment NetApp_HttpListener) which works fine for me and is serving requests via HTTPS. I also provide a small Unity script (MonoBehaviour) which can be attached to the camera in a new scene. This MonoBehaviour executes the same code as the NetApp_HttpListener, but will not receive any requests made via the very same endpoint. HTTP requests, however, work fine.

    Do you have any experience with this problem and could you help me out here? Any advice is appreciated, thanks :)

    Cheers,
    Tobs.
     


  2. Aurimas-Cernius

    Unity Technologies
    There are two sides in here: server and client. A server has to have a valid certificate and a private key to be able to host stuff, while the client has to trust the server's certificate. Since you created the certificate yourself, you have to make sure your client does the custom validation of that certificate, because by default it's not trusted.
     
  3. Tobs-

    My client is my web browser. Do I have influence on the validation process here? And why would the .NET app (server) work, but the Unity application not?
     
  4. Aurimas-Cernius

    Unity Technologies
    Does the web browser say anything security related? Usually it is possible to get info out of it for why security stuff failed.
    And where did you put your certificate? Somewhere on your system?
     
  5. Tobs-

    Hi Aurimas.
    So, as mentioned in my initial post, I am running this command in the Windows cmd:
    makecert -n CN=localhost -sr localmachine -ss My -sky exchange -pe

    This will install a self-signed certificate in "Local Computer/Personal/Certificates" (observed through the mmc tool). Regarding the errors provided by my web browsers: Chrome is saying "ERR_CONNECTION_RESET" or "ERR_CONNECTION_ABORTED". Running network diagnostics reveals the following hint: "The remote resource won't accept the connection". Microsoft Edge is saying: "Cannot securely connect to this page. This might be because the site uses outdated or unsafe TLS security settings. If this keeps happening, try contacting the website’s owner." Firefox says: Connection to secure page failed. Connection was reset by server.

    Are there any extra security measures implemented by Unity causing TLS/SSL to fail?
     
  6. Steffen-ttc

    Hi,

    Is there any news about this? I do have exactly the same problem...

    I'm using Unity 2018.4.15 with the sta/websocket_sharp library. When using the .NET exe build from Visual Studio everything works (including HTTPS server and WSS upgrade), but when using the DLL inside of Unity, only unsecured HTTP / WS connections can be established.
     
  7. TotallyFutile

    I also have the same problem. If I copy paste the exact same code for the HttpListener implementation I'm using into a .NET console app and run it, it will connect. Using Unity 2019.4.1.

    The only thing I can think it might be is binding the certificate to the application.

    netsh http add sslcert ipport=0.0.0.0:1988 certhash=... appid=random_guid

    For the appid I'm using the ProjectGUID in the Assembly-CSharp.csproj file. Not sure if this is correct but couldn't find anything else I thought was reasonable to use.
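
A check of the three setup steps from the first post (certificate in the machine store, port binding, URL reservation), which also shows the appid that the last post asks about. This is an added example, not code from any poster in this thread; the port and subject are the values quoted in the thread, and it assumes PowerShell on the Windows machine that runs the listener.

```powershell
# Added example: verifies the setup steps quoted in the thread.
# Port and subject are the thread's values; adjust them to your setup.
$Port    = 1988
$Subject = 'CN=localhost'

# 1. Certificate in LocalMachine\My: must be unexpired and carry a private key,
#    otherwise the server side cannot complete a TLS handshake with it.
$now   = Get-Date
$certs = @(Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Subject -eq $Subject -and $_.NotAfter -gt $now })
if (-not $certs) {
    Write-Warning "No unexpired $Subject certificate in LocalMachine\My"
    return
}
foreach ($c in $certs) {
    '{0}  HasPrivateKey={1}  NotAfter={2:u}' -f $c.Thumbprint, $c.HasPrivateKey, $c.NotAfter
    if (-not $c.HasPrivateKey) { Write-Warning "$($c.Thumbprint) has no private key" }
}

# 2. Port binding. A thumbprint is 40 hex characters, so match on that instead of
#    the field labels, which netsh prints in the system language.
$binding = netsh http show sslcert "ipport=0.0.0.0:$Port" | Out-String
$bound   = [regex]::Match($binding, '\b[0-9a-fA-F]{40}\b').Value
if (-not $bound) {
    Write-Warning "No sslcert binding found for 0.0.0.0:$Port"
} elseif ($certs.Thumbprint -notcontains $bound) {
    Write-Warning "Binding uses $bound, which is not one of the certificates listed above"
} else {
    "Binding for 0.0.0.0:$Port uses $bound"
}
$appId = [regex]::Match($binding, '\{[0-9a-fA-F-]{36}\}').Value
if ($appId) { "Binding appid: $appId" }

# 3. URL reservations on this port, with the account allowed to listen on each.
$acl = netsh http show urlacl | Select-String -SimpleMatch ":$Port/" -Context 0,4
if ($acl) { $acl } else { Write-Warning "No urlacl reservation found for port $Port" }
```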