Incorrect certificate chain used in SslStream_UntrustedCaWithCustomTrust_OK test.

[rzikm]

Discovered while working on #72873.

During the original implementation, there was a typo at

runtime/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamNetworkStreamTest.cs

Line 791 in cfa4f6f

serverOptions.ServerCertificateContext = SslStreamCertificateContext.Create(certificates.serverCert, certificates.serverChain);

From discussion with @wfurt, the second argument should be serverChain. However, the change breaks tests on Mac so more investigation is needed:

    System.Net.Security.Tests.SslStreamNetworkStreamTest.SslStream_UntrustedCaWithCustomTrust_OK(usePartialChain: False) [FAIL]
      System.Security.Authentication.AuthenticationException : The remote certificate is invalid because of errors in the certificate chain: PartialChain
      Stack Trace:
        /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStream.IO.cs(477,0): at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception)
        /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStream.IO.cs(529,0): at System.Net.Security.SslStream.CompleteHandshake(SslAuthenticationOptions sslAuthenticationOptions)
        /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStream.IO.cs(332,0): at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken)
        /_/src/libraries/Common/tests/System/Threading/Tasks/TaskTimeoutExtensions.cs(120,0): at System.Threading.Tasks.TaskTimeoutExtensions.GetRealException(Task task)
        --- End of stack trace from previous location ---
        /_/src/libraries/Common/tests/System/Threading/Tasks/TaskTimeoutExtensions.cs(90,0): at System.Threading.Tasks.TaskTimeoutExtensions.WhenAllOrAnyFailed(Task[] tasks)
        /_/src/libraries/Common/tests/System/Threading/Tasks/TaskTimeoutExtensions.cs(55,0): at System.Threading.Tasks.TaskTimeoutExtensions.WhenAllOrAnyFailed(Task[] tasks, Int32 millisecondsTimeout)
        /_/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamNetworkStreamTest.cs(805,0): at System.Net.Security.Tests.SslStreamNetworkStreamTest.SslStream_UntrustedCaWithCustomTrust_OK(Boolean usePartialChain)
        --- End of stack trace from previous location ---

Tagging subscribers to this area: @dotnet/ncl, @vcsjones
See info in area-owners.md if you want to be subscribed.

Issue Details

---

Discovered while working on #72873.

During the original implementation, there was a typo at

runtime/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamNetworkStreamTest.cs

Line 791 in cfa4f6f

serverOptions.ServerCertificateContext = SslStreamCertificateContext.Create(certificates.serverCert, certificates.serverChain);

From discussion with @wfurt, the second argument should be serverChain. However, the change breaks tests on Mac so more investigation is needed:

    System.Net.Security.Tests.SslStreamNetworkStreamTest.SslStream_UntrustedCaWithCustomTrust_OK(usePartialChain: False) [FAIL]
      System.Security.Authentication.AuthenticationException : The remote certificate is invalid because of errors in the certificate chain: PartialChain
      Stack Trace:
        /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStream.IO.cs(477,0): at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception)
        /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStream.IO.cs(529,0): at System.Net.Security.SslStream.CompleteHandshake(SslAuthenticationOptions sslAuthenticationOptions)
        /_/src/libraries/System.Net.Security/src/System/Net/Security/SslStream.IO.cs(332,0): at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken)
        /_/src/libraries/Common/tests/System/Threading/Tasks/TaskTimeoutExtensions.cs(120,0): at System.Threading.Tasks.TaskTimeoutExtensions.GetRealException(Task task)
        --- End of stack trace from previous location ---
        /_/src/libraries/Common/tests/System/Threading/Tasks/TaskTimeoutExtensions.cs(90,0): at System.Threading.Tasks.TaskTimeoutExtensions.WhenAllOrAnyFailed(Task[] tasks)
        /_/src/libraries/Common/tests/System/Threading/Tasks/TaskTimeoutExtensions.cs(55,0): at System.Threading.Tasks.TaskTimeoutExtensions.WhenAllOrAnyFailed(Task[] tasks, Int32 millisecondsTimeout)
        /_/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamNetworkStreamTest.cs(805,0): at System.Net.Security.Tests.SslStreamNetworkStreamTest.SslStream_UntrustedCaWithCustomTrust_OK(Boolean usePartialChain)
        --- End of stack trace from previous location ---

Author:	rzikm
Assignees:	-
Labels:	area-System.Net.Security, os-mac-os-x
Milestone:	-

[wfurt]

The test got broken by #47729 in 6.0. Originally introduced by #46664.

[karelz]

Triage: @wfurt found couple of product problems in this area -- see the above PRs. It is not regression against 6.0, but we should try to fix it.
It is puntable if needed.

[karelz]

Moving to 8.0 due to lack of time as per above.

[wfurt]

This was primarily fixed by #73577. I was waiting for #73745 to get more test coverage.
Remaining (test only ) issue is tracked by #73862