1 - To make secure communication between a client and a server, I decided to use SSL using SSLStream, from
Yes you can use SSLStream
even if it is not a web server, i.e. you can use it when establishing a TCP connection between a server and a client.
You can generate your own certificate with OpenSSL (guide to creating a self-signed certificate in OpenSSL) .
In order to make the process easier, there is a piece of code that generates a script through the command line (I recommend creating a .cmd / .bat file to make the process easier):
:: Se instalou o OpenSSL num local não-padrão, altere os caminhos abaixo.
@echo off
set OPENSSL_CONF=C:\OpenSSL-Win32\bin\openssl.cfg
"C:\OpenSSL-Win32\bin\openssl" req -x509 -nodes -days 365 -subj /C=[código de duas letras do país]/ST=[estado]/L=[localidade]/CN=[Nome do servidor] -newkey rsa:1024 -keyout private.key -out cert.crt
"C:\OpenSSL-Win32\bin\openssl" pkcs12 -export -in cert.crt -inkey private.key -out [nome do certificado].pfx -passout pass:[password do seu certificado]
del .rnd
del private.key
del cert.crt
With the certificate you created, you can use it as follows on the server:
X509Certificate2 cert = new X509Certificate2([caminho para o certificado, [password do certificado]);
SslStream sslStream = new SslStream(client.GetStream());
sslStream.AuthenticateAsServer(cert);