1

I am facing a problem in WebView of Win RT (Windows 8.1 Store App).

When I am trying to navigate to a Page ( within the WebView), if the page contains security certificate error, the WebView is simply showing a blank(white) page.

Based on the following post, https://social.msdn.microsoft.com/Forums/windowsapps/en-US/c5159b37-73cb-4081-a59e-4b1d867e4f77/webview-load-webpage-for-uri-with-none-validate-ssl-certificate?forum=winappswithcsharp

I am assuming that , the webview is not built to show pages which has certificate issues.

I have also tried to the get the page content via Windows.Web.Http.HttpClient with HttpBaseProtocolFilter and included all possible values of ChainValidationResult Enumeration within the IgnorableServerCertificateErrors List.

However, that is also not able to resolve the issue. Its continued to throw exception (InvalidName, Untrusted).

I have also gone through following post, but none actually solved the issue I am facing now. Allowing Untrusted SSL Certificates with HttpClient

I would really appreciate, if you guys can provide possible solutions/workaround to overcome this limitation.

Thanks in advance..

Regards Sam

Community
  • 1
  • 1
Samriddha Chatterjee
  • 103
  • 1
  • 6
  • Using `HttpClient`, you can find out what are the certificate errors using the code from the following answer: http://stackoverflow.com/questions/25919321/will-a-windows-store-app-always-disallow-a-self-signed-certificate-even-if-expli/25919790#25919790 – kiewic Oct 14 '14 at 15:16
  • Yes, I am getting the "InvalidName" and "UnTrusted" Certificate errors. I have also tried including them in IgnorableServerCertificateErrors list , but the same error keeps coming.. – Samriddha Chatterjee Oct 14 '14 at 20:31
  • Is it possible you share the URL? – kiewic Oct 17 '14 at 06:27

2 Answers2

1

You can do it this way:

  1. export site cerfificate to a file (localhost.cer)
  2. edit appxmanifest and add this extension (after capabilities):

    <Extensions>
        <!--Certificates Extension-->
        <Extension Category="windows.certificates">
            <Certificates>
                <Certificate StoreName="Root" Content="Assets\localhost.cer" />
            </Certificates>
        </Extension>
    </Extensions>
  1. copy your certificate (localhost.cer) to your Assets folder and change it's build action to Content

try now...

hope this helps,

marmots
  • 91
  • 2
  • 4
0

Is that particular site/page something that your app will be frequently accessing? If so, download the SSL certificate from that website and ship it with the app so that it trusts that site.

You can also use this technique to bypass SSL errors: http://blogs.msdn.com/b/wsdevsol/archive/2013/10/17/how-to-ignore-self-signed-certificate-errors-in-windows-store-apps-8-1.aspx

Matt Small
  • 2,182
  • 1
  • 10
  • 16
  • Thanks Matt, is there anyway I can include the certificate programaticaly, within the installation folder. If Yes, then will it solve the actual issue? – Samriddha Chatterjee Oct 14 '14 at 20:34
  • I have already tried the blog post , which you have mentioned. It didnt worked for me. HttpClient continued to throw "InValidName" and "UnTrusted" Certificate errors, even after including them in the IgnorableServerCertificateErrors list. – Samriddha Chatterjee Oct 14 '14 at 20:37
  • You should be able to do it this way: http://msdn.microsoft.com/en-us/library/windows/apps/xaml/Hh465002%28v=win.10%29.aspx – Matt Small Oct 14 '14 at 22:03