Proper SSL server support for mobile platforms?

Is there a way to use HttpListener on mobile platforms in conjunction with TLS? On OS X, running the httpcfg file will store the key and cert in the proper location, but the big kicker is that it removes the password from the key first. I've learned that on iOS the proper location is inside the application data directory, yadda yadda, but putting a non-password protected private key file there seems like a very insane idea. It would be trivial to simply download the private key from the filesystem and compromise everything.

Can I make mono store the key somewhere else, or at least use a password protected key? Or set the keys for use? Or am I off in fantasy land and I'll have to abandon HttpListener and re-implement the whole stack to get this feature?

Sign In or Register to comment.