Geek Answers Handbook

How to ignore self-signed certificates using System.Net.Http.HttpClient in a universal Windows application

I am creating a portable class library, which means I have to use System.Net.Http.HttpClient to call my web APIs, as I understand it. The problem is that for my universal Windows application, I cannot figure out how to ignore the error that is returned due to the fact that the API server may have a self-signed certificate. Any suggestions would be greatly appreciated.

UPDATE: I can’t import certificates, because it will be an application running on different devices in different organizations, and it is impractical to import the signed certificate itself on all devices on which the application is running.

+6
source share
1 answer

Not an option because System.Net.ServicePointManager.CertificatePolicy not available in UWP. If you use Windows.Web.Http.HttpClient instead, you can ignore self-signed certificates .

UPDATE:

The second time, you can ignore the errors of self-signed certificates by adding them to the root certificates of the application.

Two options:

  • Install it using the API:

     IBuffer buffer = await FileIO.ReadBufferAsync(file); Certificate rootCert = new Certificate(buffer); CertificateStore rootStore = CertificateStores.TrustedRootCertificationAuthorities; rootStore.Add(rootCert);

  • Include it in Package.appxmanifest > Announcements > Certificates > Add and install:

    • Store Name: root
    • Content: path to certificate file

With either of the two options, you will stop receiving:

System.Net.WebException: The underlying connection was closed: Failed to establish trust for the SSL / TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the verification procedure.

+4
source

More articles:


All Articles