I don’t know exactly why, but it doesn’t like the ECDSA certificate you issue. If you instead use standard RSA:
var cr = new CertificateRequest(new X500DistinguishedName("cn=this.is.invalid"), RSA.Create(), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
and leaving everything else as is – then it will work as expected. In theory, TLS supports ECC (elliptic curve) keys, but I’m not expert in this and not sure why SslStream.AuthenticateAsServer doesn’t like that certificate. Hopefully you don’t need specifically ECC, then workaround above with RSA is perfectly fine.
CLICK HERE to find out more related problems solutions.